Submitted URL: https://v.ht/b2CBd
Effective URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=22...
Submission: On June 30 via manual from ES

Summary

This website contacted 26 IPs in 8 countries across 25 domains to perform 88 HTTP transactions. The main IP is 172.67.74.159, located in United States and belongs to CLOUDFLARENET, US. The main domain is pl.jolly.me.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 5th 2019. Valid for: a year.
This is the only time pl.jolly.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 69.61.26.121 22653 (GLOBALCOM...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 172.217.23.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 95.216.99.227 24940 (HETZNER-AS)
2 7 18.194.201.50 16509 (AMAZON-02)
1 35.156.142.142 16509 (AMAZON-02)
3 3.120.161.141 16509 (AMAZON-02)
1 1 35.158.199.236 16509 (AMAZON-02)
2 2a05:d018:244... 16509 (AMAZON-02)
1 1 52.22.122.65 14618 (AMAZON-AES)
1 36 172.67.74.159 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 4 2a02:6b8::1:119 13238 (YANDEX)
1 35.201.112.186 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2a00:1148:db0... 47764 (MAILRU-AS...)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.26.11.38 13335 (CLOUDFLAR...)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 35.186.194.58 15169 (GOOGLE)
88 26
Domain Requested by
35 pl.jolly.me www.redir2me.com
pl.jolly.me
code.jquery.com
7 psocialx.com 2 redirects grin23.info
psocialx.com
6 fonts.gstatic.com pl.jolly.me
5 www.google-analytics.com 1 redirects www.googletagmanager.com
v.ht
pl.jolly.me
4 mc.yandex.ru 1 redirects pl.jolly.me
3 uf.noclef.com psocialx.com
uf.noclef.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 www.facebook.com pl.jolly.me
2 www.google.de pl.jolly.me
2 www.google.com 2 redirects
2 stats.g.doubleclick.net 2 redirects
2 connect.facebook.net v.ht
connect.facebook.net
2 bat.bing.com www.googletagmanager.com
pl.jolly.me
2 fonts.googleapis.com pl.jolly.me
2 www.redir2me.com uf.noclef.com
www.redir2me.com
2 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 www.googletagmanager.com v.ht
pl.jolly.me
1 rs.fullstory.com edge.fullstory.com
1 api2.jolly.me code.jquery.com
1 ad.mail.ru pl.jolly.me
1 edge.fullstory.com pl.jolly.me
1 code.jquery.com pl.jolly.me
1 track.jolly.me 1 redirects
1 totrck.com 1 redirects
1 www.click4more.net 1 redirects
1 typerock.com psocialx.com
1 pagead2.googlesyndication.com securepubads.g.doubleclick.net
1 grin23.info v.ht
1 30e506ef911462c6a4018cb11f05c23c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 www.googletagservices.com v.ht
1 v.ht
88 33

This site contains links to these domains. Also see Links.

Domain
support.awesomehelp.net
Subject Issuer Validity Valid
www.v.ht
Let's Encrypt Authority X3
2020-05-01 -
2020-07-30
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-06-10 -
2020-09-02
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-06-10 -
2020-09-02
3 months crt.sh
*.google.de
GTS CA 1O1
2020-06-17 -
2020-09-09
3 months crt.sh
*.google.com
GTS CA 1O1
2020-06-17 -
2020-09-09
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2020-06-17 -
2020-09-09
3 months crt.sh
psocialx.com
Amazon
2020-05-07 -
2021-06-07
a year crt.sh
typerock.com
Amazon
2020-05-07 -
2021-06-07
a year crt.sh
uf.noclef.com
Amazon
2020-01-16 -
2021-02-16
a year crt.sh
redir2me.com
Sectigo RSA Domain Validation Secure Server CA
2019-04-22 -
2021-04-21
2 years crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2019-11-05 -
2020-10-09
a year crt.sh
upload.video.google.com
GTS CA 1O1
2020-06-10 -
2020-09-02
3 months crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA
2018-10-17 -
2020-10-16
2 years crt.sh
mc.yandex.ru
Yandex CA
2019-09-23 -
2020-09-22
a year crt.sh
edge.fullstory.com
GTS CA 1D2
2020-05-03 -
2020-08-01
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-06-10 -
2020-09-02
3 months crt.sh
www.bing.com
Microsoft IT TLS CA 2
2019-04-30 -
2021-04-30
2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-05-14 -
2020-08-05
3 months crt.sh
*.mail.ru
GlobalSign Organization Validation CA - SHA256 - G2
2019-01-18 -
2021-01-18
2 years crt.sh
www.google.de
GTS CA 1O1
2020-06-10 -
2020-09-02
3 months crt.sh
*.fullstory.com
Let's Encrypt Authority X3
2020-06-02 -
2020-08-31
3 months crt.sh

This page contains 2 frames:

Primary Page: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Frame ID: 752C91221898293E6FC1ADDB8AF666B0
Requests: 87 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: D3FAC1344DBAF32004D76E580959321C
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://v.ht/b2CBd Page URL
  2. http://grin23.info/ad1?30jlw128 Page URL
  3. https://psocialx.com/tds/cpa?tdsId=p1446tok_r&tds_campaign=p1446tok&utm_source=int&utm_campaign=f... HTTP 302
    https://psocialx.com/fg/s/c65bf232bb4e1451ecf45ce781df0936?utm_campaign=f576c6ad&utm_source=int&t... Page URL
  4. https://psocialx.com/fg/tds/cpa?utm_campaign=f576c6ad&utm_source=int&tds_campaign=p1446tok&tds_ci... HTTP 302
    https://www.click4more.net/c/db28b948a6839b57?s1=70_f576c6ad_nt&s2=f576c6ad&s3=%7Bs3%7D&s4=%7Bs4%7D&s5=... HTTP 302
    https://www.redir2me.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIybWUuY29t&data=aHR0cHM6... Page URL
  5. https://www.redir2me.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIybWUuY29t&data=aHR0cHM6... Page URL
  6. https://totrck.com/?a=229&c=4719&p=r&s5=184858&s2=dasoy5efab42fa034d340427526 HTTP 302
    https://track.jolly.me/click?pid=76&offer_id=218&sub1=229&sub2=220103055&sub3=184858 HTTP 302
    https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bc... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

88
Requests

99 %
HTTPS

60 %
IPv6

25
Domains

33
Subdomains

26
IPs

8
Countries

1679 kB
Transfer

3350 kB
Size

31
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://v.ht/b2CBd Page URL
  2. http://grin23.info/ad1?30jlw128 Page URL
  3. https://psocialx.com/tds/cpa?tdsId=p1446tok_r&tds_campaign=p1446tok&utm_source=int&utm_campaign=f576c6ad&utm_content={utm_content}&data2={data2}&utm_sub=opnfnl&m=ps HTTP 302
    https://psocialx.com/fg/s/c65bf232bb4e1451ecf45ce781df0936?utm_campaign=f576c6ad&utm_source=int&tds_campaign=p1446tok&tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&__t=1593488430242&__l=60&tds_id=p1446tok_r&tds_oid=a Page URL
  4. https://psocialx.com/fg/tds/cpa?utm_campaign=f576c6ad&utm_source=int&tds_campaign=p1446tok&tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&tds_id=p1446tok_r&tds_oid=a&dci=d6bd927e870d1888fb34b0e1cf03d6a534d077e8&tds_host=psocialx.com&tdsId=p1446tok_targeting_a&utm_sub=opnfnl&m=ps&p_tds_cid=&tds_reason=direct HTTP 302
    https://www.click4more.net/c/db28b948a6839b57?s1=70_f576c6ad_nt&s2=f576c6ad&s3=%7Bs3%7D&s4=%7Bs4%7D&s5=3e0644d1c5c623c5726780f5583fe7315a3f2fd0&s6=r0027mar&dci=d6bd927e870d1888fb34b0e1cf03d6a534d077e8&tds_host=psocialx.com&tds_split=a&tds_campaign=r0027mar&tds_id=r0027mar_lp_a_568380612276_adsbridge&tds_oid=dbca768732c875b2_&tds_cid=3e0644d1c5c623c5726780f5583fe7315a3f2fd0&tdsId=r0027mar_lp_a_568380612276_adsbridge&utm_campaign=f576c6ad&utm_source=int&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&utm_sub=opnfnl&m=ps&p_tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&tds_reason=direct HTTP 302
    https://www.redir2me.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIybWUuY29t&data=aHR0cHM6Ly90b3RyY2suY29tLz9hPTIyOSZjPTQ3MTkmcD1yJnM1PTE4NDg1OCZzMj1kYXNveTVlZmFiNDJmYTAzNGQzNDA0Mjc1MjY%3D&action=action_tmp Page URL
  5. https://www.redir2me.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIybWUuY29t&data=aHR0cHM6Ly90b3RyY2suY29tLz9hPTIyOSZjPTQ3MTkmcD1yJnM1PTE4NDg1OCZzMj1kYXNveTVlZmFiNDJmYTAzNGQzNDA0Mjc1MjY%3D&action=action_final Page URL
  6. https://totrck.com/?a=229&c=4719&p=r&s5=184858&s2=dasoy5efab42fa034d340427526 HTTP 302
    https://track.jolly.me/click?pid=76&offer_id=218&sub1=229&sub2=220103055&sub3=184858 HTTP 302
    https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://psocialx.com/tds/cpa?tdsId=p1446tok_r&tds_campaign=p1446tok&utm_source=int&utm_campaign=f576c6ad&utm_content={utm_content}&data2={data2}&utm_sub=opnfnl&m=ps HTTP 302
  • https://psocialx.com/fg/s/c65bf232bb4e1451ecf45ce781df0936?utm_campaign=f576c6ad&utm_source=int&tds_campaign=p1446tok&tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&__t=1593488430242&__l=60&tds_id=p1446tok_r&tds_oid=a
Request Chain 24
  • https://psocialx.com/fg/tds/cpa?utm_campaign=f576c6ad&utm_source=int&tds_campaign=p1446tok&tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&tds_id=p1446tok_r&tds_oid=a&dci=d6bd927e870d1888fb34b0e1cf03d6a534d077e8&tds_host=psocialx.com&tdsId=p1446tok_targeting_a&utm_sub=opnfnl&m=ps&p_tds_cid=&tds_reason=direct HTTP 302
  • https://www.click4more.net/c/db28b948a6839b57?s1=70_f576c6ad_nt&s2=f576c6ad&s3=%7Bs3%7D&s4=%7Bs4%7D&s5=3e0644d1c5c623c5726780f5583fe7315a3f2fd0&s6=r0027mar&dci=d6bd927e870d1888fb34b0e1cf03d6a534d077e8&tds_host=psocialx.com&tds_split=a&tds_campaign=r0027mar&tds_id=r0027mar_lp_a_568380612276_adsbridge&tds_oid=dbca768732c875b2_&tds_cid=3e0644d1c5c623c5726780f5583fe7315a3f2fd0&tdsId=r0027mar_lp_a_568380612276_adsbridge&utm_campaign=f576c6ad&utm_source=int&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&utm_sub=opnfnl&m=ps&p_tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&tds_reason=direct HTTP 302
  • https://www.redir2me.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIybWUuY29t&data=aHR0cHM6Ly90b3RyY2suY29tLz9hPTIyOSZjPTQ3MTkmcD1yJnM1PTE4NDg1OCZzMj1kYXNveTVlZmFiNDJmYTAzNGQzNDA0Mjc1MjY%3D&action=action_tmp
Request Chain 70
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=447121021&t=pageview&_s=1&dl=https%3A%2F%2Fpl.jolly.me%2Fland%2F87ec54c391372c61a528ca4a264c05ec877ec6a2%3Fclickid%3D5efab430e24857000131bcdf%26partner%3D76%26pid%3D229%26tid%3D220103055%26src%3D184858%26offer_id%3D218%26ip%3D194.99.105.99%26geo%3DPL%26sub4%3D%26sub5%3D%26device_ua%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_14_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F83.0.4103.61%2BSafari%252F537.36%26rand%3Db1aba748-b93b-4661-bff0-d3cf2bbb9b33%26time%3D1593488432%26city%3DWarsaw&dr=https%3A%2F%2Fwww.redir2me.com%2Fredirect%2Findex%3Ftype%3Dscript%26to%3DaHR0cHM6Ly93d3cucmVkaXIybWUuY29t%26data%3DaHR0cHM6Ly90b3RyY2suY29tLz9hPTIyOSZjPTQ3MTkmcD1yJnM1PTE4NDg1OCZzMj1kYXNveTVlZmFiNDJmYTAzNGQzNDA0Mjc1MjY%253D%26action%3Daction_final&ul=en-us&de=UTF-8&dt=Jolly&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAAB~&jid=2106126257&gjid=1241464669&cid=308043357.1593488433&tid=UA-37739046-14&_gid=913785710.1593488433&_r=1&gtm=2wg6h1N6W77T&cd2=none&z=954753056 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37739046-14&cid=308043357.1593488433&jid=2106126257&_gid=913785710.1593488433&gjid=1241464669&_v=j83&z=954753056 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37739046-14&cid=308043357.1593488433&jid=2106126257&_v=j83&z=954753056 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37739046-14&cid=308043357.1593488433&jid=2106126257&_v=j83&z=954753056&slf_rd=1&random=189784481
Request Chain 72
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-37739046-1&cid=308043357.1593488433&jid=1577957844&uid=none&gjid=1326921137&_gid=913785710.1593488433&_u=YGDAgAAB~&z=582367079 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37739046-1&cid=308043357.1593488433&jid=1577957844&_v=j83&z=582367079 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37739046-1&cid=308043357.1593488433&jid=1577957844&_v=j83&z=582367079&slf_rd=1&random=3364447493
Request Chain 78
  • https://mc.yandex.ru/watch/42561829?wmode=7&page-ref=https%3A%2F%2Fwww.redir2me.com%2Fredirect%2Findex%3Ftype%3Dscript%26to%3DaHR0cHM6Ly93d3cucmVkaXIybWUuY29t%26data%3DaHR0cHM6Ly90b3RyY2suY29tLz9hPTIyOSZjPTQ3MTkmcD1yJnM1PTE4NDg1OCZzMj1kYXNveTVlZmFiNDJmYTAzNGQzNDA0Mjc1MjY%253D%26action%3Daction_final&page-url=https%3A%2F%2Fpl.jolly.me%2Fland%2F87ec54c391372c61a528ca4a264c05ec877ec6a2%3Fclickid%3D5efab430e24857000131bcdf%26partner%3D76%26pid%3D229%26tid%3D220103055%26src%3D184858%26offer_id%3D218%26ip%3D194.99.105.99%26geo%3DPL%26sub4%3D%26sub5%3D%26device_ua%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_14_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F83.0.4103.61%2BSafari%252F537.36%26rand%3Db1aba748-b93b-4661-bff0-d3cf2bbb9b33%26time%3D1593488432%26city%3DWarsaw&charset=utf-8&browser-info=ti%3A10%3Ans%3A1593488431874%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200630054033%3Aet%3A1593488433%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A588137629011%3Arqn%3A1%3Arn%3A249271337%3Ahid%3A576777032%3Ads%3A0%2C0%2C75%2C35%2C838%2C0%2C0%2C249%2C11%2C%2C%2C%2C1173%3Afp%3A1055%3Awn%3A55527%3Ahl%3A2%3Agdpr%3A14%3Av%3A1885%3Awv%3A2%3Arqnl%3A1%3Ast%3A1593488433%3Au%3A1593488433527908035%3At%3AJolly HTTP 302
  • https://mc.yandex.ru/watch/42561829/1?wmode=7&page-ref=https%3A%2F%2Fwww.redir2me.com%2Fredirect%2Findex%3Ftype%3Dscript%26to%3DaHR0cHM6Ly93d3cucmVkaXIybWUuY29t%26data%3DaHR0cHM6Ly90b3RyY2suY29tLz9hPTIyOSZjPTQ3MTkmcD1yJnM1PTE4NDg1OCZzMj1kYXNveTVlZmFiNDJmYTAzNGQzNDA0Mjc1MjY%253D%26action%3Daction_final&page-url=https%3A%2F%2Fpl.jolly.me%2Fland%2F87ec54c391372c61a528ca4a264c05ec877ec6a2%3Fclickid%3D5efab430e24857000131bcdf%26partner%3D76%26pid%3D229%26tid%3D220103055%26src%3D184858%26offer_id%3D218%26ip%3D194.99.105.99%26geo%3DPL%26sub4%3D%26sub5%3D%26device_ua%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_14_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F83.0.4103.61%2BSafari%252F537.36%26rand%3Db1aba748-b93b-4661-bff0-d3cf2bbb9b33%26time%3D1593488432%26city%3DWarsaw&charset=utf-8&browser-info=ti%3A10%3Ans%3A1593488431874%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200630054033%3Aet%3A1593488433%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A588137629011%3Arqn%3A1%3Arn%3A249271337%3Ahid%3A576777032%3Ads%3A0%2C0%2C75%2C35%2C838%2C0%2C0%2C249%2C11%2C%2C%2C%2C1173%3Afp%3A1055%3Awn%3A55527%3Ahl%3A2%3Agdpr%3A14%3Av%3A1885%3Awv%3A2%3Arqnl%3A1%3Ast%3A1593488433%3Au%3A1593488433527908035%3At%3AJolly

88 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
b2CBd
v.ht/
3 KB
2 KB
Document
General
Full URL
https://v.ht/b2CBd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.61.26.121 Atlanta, United States, ASN22653 (GLOBALCOMPASS, US),
Reverse DNS
Software
Hotcores.com /
Resource Hash
05800161f7fb0d76cdc646d737c12f08a234c9928609e3fb09ab489fc43d03f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Host
v.ht
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
Hotcores.com
Date
Tue, 30 Jun 2020 03:39:35 GMT
Content-Type
text/html; Charset=UTF-8;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
no-cache, must-revalidate, max-age=0
Pragma
no-cache
X-Robots-Tag
noindex, nofollow
I-AM
Alpha
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Encoding
gzip
gpt.js
www.googletagservices.com/tag/js/
49 KB
17 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: v.ht
URL: https://v.ht/b2CBd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91af617735892cbe24eb2ebb11ea6c09bedd4bdd4a6a3f406a62204ed2b306d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://v.ht/b2CBd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"557 / 137 of 1000 / last-modified: 1593468687"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
16591
x-xss-protection
0
expires
Tue, 30 Jun 2020 03:40:29 GMT
js
www.googletagmanager.com/gtag/
84 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-31510493-3
Requested by
Host: v.ht
URL: https://v.ht/b2CBd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cb446d31662ab47a4c9bc1e9d042c5d57b0db2a1458cafbeee458a7df6c1ec44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://v.ht/b2CBd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:29 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33720
x-xss-protection
0
last-modified
Tue, 30 Jun 2020 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Jun 2020 03:40:29 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://v.ht/b2CBd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
3651
date
Tue, 30 Jun 2020 02:39:38 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Tue, 30 Jun 2020 04:39:38 GMT
collect
www.google-analytics.com/r/
35 B
98 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1279374862&t=pageview&_s=1&dl=https%3A%2F%2Fv.ht%2Fb2CBd&ul=en-us&de=UTF-8&dt=b2CBd&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=2022601890&gjid=1236789754&cid=548173496.1593488429&tid=UA-31510493-3&_gid=1811047673.1593488429&_r=1&gtm=2ou6h1&z=1242585234
Requested by
Host: v.ht
URL: https://v.ht/b2CBd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://v.ht/b2CBd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jun 2020 03:40:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
109 B
316 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=v.ht
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://v.ht/b2CBd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 30 Jun 2020 03:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
316 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=v.ht
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://v.ht/b2CBd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 30 Jun 2020 03:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
pubads_impl_2020062502.js
securepubads.g.doubleclick.net/gpt/
249 KB
89 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020062502.js?21066628
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
4a48100236e192a9045a10da91c4bc15ed2b0bb7c414bc047ccb96d95e5ec2a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://v.ht/b2CBd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 29 Jun 2020 17:09:20 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90389
x-xss-protection
0
expires
Tue, 30 Jun 2020 03:40:29 GMT
ads
securepubads.g.doubleclick.net/gampad/
410 B
710 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1951077190419346&correlator=3930140030964470&output=ldjh&impl=fif&adsid=NT&eid=21066628%2C21065975%2C21066436&vrg=2020062502&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200630&iu_parts=5837603%2CVht_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&cookie_enabled=1&bc=31&abxe=1&lmt=1593488429&dt=1593488429662&dlt=1593488429200&idt=443&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=495576698&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fv.ht%2Fb2CBd&dssz=10&icsg=680&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x423&msz=0x0&ga_vid=548173496.1593488429&ga_sid=1593488430&ga_hid=1279374862&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020062502.js?21066628
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://v.ht/b2CBd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
218
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://v.ht
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
30e506ef911462c6a4018cb11f05c23c.safeframe.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://30e506ef911462c6a4018cb11f05c23c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020062502.js?21066628
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://v.ht/b2CBd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020062502.js?21066628
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://v.ht/b2CBd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cookie set ad1
grin23.info/
1021 B
1 KB
Document
General
Full URL
http://grin23.info/ad1?30jlw128
Requested by
Host: v.ht
URL: https://v.ht/b2CBd
Protocol
HTTP/1.1
Server
95.216.99.227 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash

Request headers

Host
grin23.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 30 Jun 2020 03:40:29 GMT
Server
Apache
Expires
Thu, 21 Jul 1977 07:30:00 GMT
Cache-Control
max-age=0
Pragma
no-cache
Set-Cookie
antibot-hostia=true; path=/; domain=grin23.info; expires=Wed, 01-Jul-2020 03:40:29 GMT 847ba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjRcIjoxNTkzNDg4NDI5fSxcImNhbXBhaWduc1wiOntcIjJcIjoxNTkzNDg4NDI5fSxcInRpbWVcIjoxNTkzNDg4NDI5fSJ9.sttZMW-oVukoZRsXe5cwTYUFXvhIrwniOQbe1wAgpkc; expires=Fri, 31-Jul-2020 03:40:29 GMT; Max-Age=2678400; path=/; domain=.grin23.info
Vary
User-Agent,Accept-Encoding
Last-Modified
Tue, 30 Jun 2020 03:40:29 GMT
Content-Encoding
gzip
Content-Length
331
Keep-Alive
timeout=3, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=utf-8
sodar
pagead2.googlesyndication.com/getconfig/
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020062502&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020062502.js?21066628
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://v.ht/b2CBd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 30 Jun 2020 03:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5729
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020062502.js?21066628
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://v.ht/b2CBd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Tue, 30 Jun 2020 03:40:29 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame D3FA
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://v.ht/b2CBd
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://v.ht/b2CBd

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Mon, 29 Jun 2020 22:49:17 GMT
expires
Tue, 29 Jun 2021 22:49:17 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
17472
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
c65bf232bb4e1451ecf45ce781df0936
psocialx.com/fg/s/
Redirect Chain
  • https://psocialx.com/tds/cpa?tdsId=p1446tok_r&tds_campaign=p1446tok&utm_source=int&utm_campaign=f576c6ad&utm_content={utm_content}&data2={data2}&utm_sub=opnfnl&m=ps
  • https://psocialx.com/fg/s/c65bf232bb4e1451ecf45ce781df0936?utm_campaign=f576c6ad&utm_source=int&tds_campaign=p1446tok&tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&utm_content=%7Butm_content%7D&...
1 KB
1 KB
Document
General
Full URL
https://psocialx.com/fg/s/c65bf232bb4e1451ecf45ce781df0936?utm_campaign=f576c6ad&utm_source=int&tds_campaign=p1446tok&tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&__t=1593488430242&__l=60&tds_id=p1446tok_r&tds_oid=a
Requested by
Host: grin23.info
URL: http://grin23.info/ad1?30jlw128
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.201.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-201-50.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a3c1aaf0e2f84daf1debebc7c447c1c6af11836ef4bbcf022650cf32cf9f54e3

Request headers

:method
GET
:authority
psocialx.com
:scheme
https
:path
/fg/s/c65bf232bb4e1451ecf45ce781df0936?utm_campaign=f576c6ad&utm_source=int&tds_campaign=p1446tok&tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&__t=1593488430242&__l=60&tds_id=p1446tok_r&tds_oid=a
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://grin23.info/ad1?30jlw128
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
AWSALB=zKPPz2Zy7cVVs9eRkMo9fsnWl1ZdILb6AbRqkw7gX8tM1Km+sOmNwE7pfSRlcfz9lXenfAoRoXlLnEXSUc9iww5nJIpbn1cD7PeODDNIvMoQUE38taRbG/XLRD1H; AWSALBCORS=zKPPz2Zy7cVVs9eRkMo9fsnWl1ZdILb6AbRqkw7gX8tM1Km+sOmNwE7pfSRlcfz9lXenfAoRoXlLnEXSUc9iww5nJIpbn1cD7PeODDNIvMoQUE38taRbG/XLRD1H; dci=d6bd927e870d1888fb34b0e1cf03d6a534d077e8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://grin23.info/ad1?30jlw128

Response headers

status
200
date
Tue, 30 Jun 2020 03:40:30 GMT
content-type
text/html
server
nginx
set-cookie
AWSALB=jLnaC9CzSKax3YbRqxKTg6YNYQG4sT5zSzWLTea1lcJTNMz3tgakUOt4HfNZHkkXyRMwcVf5276yEMr7gpjBfFVbWUpjlxCjlv+tWU4f3MfROlLUKIcuE24BWe2d; Expires=Tue, 07 Jul 2020 03:40:30 GMT; Path=/ AWSALBCORS=jLnaC9CzSKax3YbRqxKTg6YNYQG4sT5zSzWLTea1lcJTNMz3tgakUOt4HfNZHkkXyRMwcVf5276yEMr7gpjBfFVbWUpjlxCjlv+tWU4f3MfROlLUKIcuE24BWe2d; Expires=Tue, 07 Jul 2020 03:40:30 GMT; Path=/; SameSite=None; Secure
accept-ch
UA, Platform, Model, Mobile, Arch
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

status
302
date
Tue, 30 Jun 2020 03:40:30 GMT
server
nginx
set-cookie
AWSALB=zKPPz2Zy7cVVs9eRkMo9fsnWl1ZdILb6AbRqkw7gX8tM1Km+sOmNwE7pfSRlcfz9lXenfAoRoXlLnEXSUc9iww5nJIpbn1cD7PeODDNIvMoQUE38taRbG/XLRD1H; Expires=Tue, 07 Jul 2020 03:40:30 GMT; Path=/ AWSALBCORS=zKPPz2Zy7cVVs9eRkMo9fsnWl1ZdILb6AbRqkw7gX8tM1Km+sOmNwE7pfSRlcfz9lXenfAoRoXlLnEXSUc9iww5nJIpbn1cD7PeODDNIvMoQUE38taRbG/XLRD1H; Expires=Tue, 07 Jul 2020 03:40:30 GMT; Path=/; SameSite=None; Secure dci=d6bd927e870d1888fb34b0e1cf03d6a534d077e8; Max-Age=31536000; Domain=.psocialx.com; Path=/; Expires=Wed, 30 Jun 2021 03:40:30 GMT; Secure; SameSite=None
accept-ch
UA, Platform, Model, Mobile, Arch
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
access-control-allow-origin
*
location
/fg/s/c65bf232bb4e1451ecf45ce781df0936?utm_campaign=f576c6ad&utm_source=int&tds_campaign=p1446tok&tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&__t=1593488430242&__l=60&tds_id=p1446tok_r&tds_oid=a
style.css
psocialx.com/fg/
1 KB
919 B
Stylesheet
General
Full URL
https://psocialx.com/fg/style.css
Requested by
Host: psocialx.com
URL: https://psocialx.com/fg/s/c65bf232bb4e1451ecf45ce781df0936?utm_campaign=f576c6ad&utm_source=int&tds_campaign=p1446tok&tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&__t=1593488430242&__l=60&tds_id=p1446tok_r&tds_oid=a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.201.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-201-50.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ea929ab07b7bf2a8848a25d3073bbf9b6b6c9bad34196d4f41e7ae5cbd84bc62

Request headers

Referer
https://psocialx.com/fg/s/c65bf232bb4e1451ecf45ce781df0936?utm_campaign=f576c6ad&utm_source=int&tds_campaign=p1446tok&tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&__t=1593488430242&__l=60&tds_id=p1446tok_r&tds_oid=a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:30 GMT
content-encoding
gzip
last-modified
Thu, 25 Jun 2020 08:19:24 GMT
server
nginx
etag
W/"4b6-172ea8f5ee0"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=6
accept-ranges
bytes
script.js
psocialx.com/fg/
1 KB
1017 B
Script
General
Full URL
https://psocialx.com/fg/script.js
Requested by
Host: psocialx.com
URL: https://psocialx.com/fg/s/c65bf232bb4e1451ecf45ce781df0936?utm_campaign=f576c6ad&utm_source=int&tds_campaign=p1446tok&tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&__t=1593488430242&__l=60&tds_id=p1446tok_r&tds_oid=a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.201.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-201-50.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f5e8812013c22dc36dc8753740e30b07fbd62557da162a6150ae4f9526a10709

Request headers

Referer
https://psocialx.com/fg/s/c65bf232bb4e1451ecf45ce781df0936?utm_campaign=f576c6ad&utm_source=int&tds_campaign=p1446tok&tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&__t=1593488430242&__l=60&tds_id=p1446tok_r&tds_oid=a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:30 GMT
content-encoding
gzip
last-modified
Thu, 25 Jun 2020 08:19:24 GMT
server
nginx
etag
W/"4d1-172ea8f5ee0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=6
accept-ranges
bytes
t
psocialx.com/fg/
35 B
547 B
Image
General
Full URL
https://psocialx.com/fg/t?_=1593488430364
Requested by
Host: psocialx.com
URL: https://psocialx.com/fg/s/c65bf232bb4e1451ecf45ce781df0936?utm_campaign=f576c6ad&utm_source=int&tds_campaign=p1446tok&tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&__t=1593488430242&__l=60&tds_id=p1446tok_r&tds_oid=a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.201.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-201-50.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://psocialx.com/fg/s/c65bf232bb4e1451ecf45ce781df0936?utm_campaign=f576c6ad&utm_source=int&tds_campaign=p1446tok&tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&__t=1593488430242&__l=60&tds_id=p1446tok_r&tds_oid=a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Tue, 30 Jun 2020 03:40:30 GMT
server
nginx
accept-ch
UA, Platform, Model, Mobile, Arch
content-type
image/gif
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
8871b6e5dd5347f70db643ace286f45b
typerock.com/43fbb6270523e1760fa5f0d2579dea07/
35 B
722 B
Image
General
Full URL
https://typerock.com/43fbb6270523e1760fa5f0d2579dea07/8871b6e5dd5347f70db643ace286f45b?tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&dci=d6bd927e870d1888fb34b0e1cf03d6a534d077e8
Requested by
Host: psocialx.com
URL: https://psocialx.com/fg/s/c65bf232bb4e1451ecf45ce781df0936?utm_campaign=f576c6ad&utm_source=int&tds_campaign=p1446tok&tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&__t=1593488430242&__l=60&tds_id=p1446tok_r&tds_oid=a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.142.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-142-142.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://psocialx.com/fg/s/c65bf232bb4e1451ecf45ce781df0936?utm_campaign=f576c6ad&utm_source=int&tds_campaign=p1446tok&tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&__t=1593488430242&__l=60&tds_id=p1446tok_r&tds_oid=a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:30 GMT
server
nginx
status
200
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ch
UA, Platform, Model, Mobile, Arch
content-type
image/gif
t2
psocialx.com/fg/
35 B
546 B
Image
General
Full URL
https://psocialx.com/fg/t2?_=1593488430364
Requested by
Host: psocialx.com
URL: https://psocialx.com/fg/s/c65bf232bb4e1451ecf45ce781df0936?utm_campaign=f576c6ad&utm_source=int&tds_campaign=p1446tok&tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&__t=1593488430242&__l=60&tds_id=p1446tok_r&tds_oid=a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.201.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-201-50.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://psocialx.com/fg/s/c65bf232bb4e1451ecf45ce781df0936?utm_campaign=f576c6ad&utm_source=int&tds_campaign=p1446tok&tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&__t=1593488430242&__l=60&tds_id=p1446tok_r&tds_oid=a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Tue, 30 Jun 2020 03:40:30 GMT
server
nginx
accept-ch
UA, Platform, Model, Mobile, Arch
content-type
image/gif
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
main.js
uf.noclef.com/c_js/
7 KB
3 KB
Script
General
Full URL
https://uf.noclef.com/c_js/main.js?iHash=2c331d248af103975a9b6c80990f8220005c87cb
Requested by
Host: psocialx.com
URL: https://psocialx.com/fg/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.161.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-161-141.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash
f38344a01905f2b8ef93b7f2f37b6db7561843c8b162b1c25427c562710ebde3

Request headers

Referer
https://psocialx.com/fg/s/c65bf232bb4e1451ecf45ce781df0936?utm_campaign=f576c6ad&utm_source=int&tds_campaign=p1446tok&tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&__t=1593488430242&__l=60&tds_id=p1446tok_r&tds_oid=a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:30 GMT
content-encoding
gzip
etag
W/"1d6e-UYFZpdXrUJQttS3OKcayIRpayO0"
status
200
x-powered-by
Express
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
recaptcha.js
uf.noclef.com/c_js/
1 KB
932 B
Script
General
Full URL
https://uf.noclef.com/c_js/recaptcha.js?placement=fg_in&referer=http%3A%2F%2Fgrin23.info%2Fad1%3F30jlw128&doc_location=https%253A%252F%252Fpsocialx.com%252Ffg%252Ftds%252Fcpa%253Futm_campaign%253Df576c6ad%2526utm_source%253Dint%2526tds_campaign%253Dp1446tok%2526tds_cid%253Dab41ba481e0bda0a2b4660c52a5554fea79e876c%2526utm_content%253D%25257Butm_content%25257D%2526data2%253D%25257Bdata2%25257D%2526tds_id%253Dp1446tok_r%2526tds_oid%253Da%2526dci%253Dd6bd927e870d1888fb34b0e1cf03d6a534d077e8%2526tds_host%253Dpsocialx.com%2526tdsId%253Dp1446tok_targeting_a%2526utm_sub%253Dopnfnl%2526m%253Dps%2526p_tds_cid%253D%2526tds_reason%253Ddirect&null
Requested by
Host: uf.noclef.com
URL: https://uf.noclef.com/c_js/main.js?iHash=2c331d248af103975a9b6c80990f8220005c87cb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.161.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-161-141.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash
b09ed8a63cb6663b22ad3f76bba54e79cb2d0ef83512e0056ae3cfac12653a38

Request headers

Referer
https://psocialx.com/fg/s/c65bf232bb4e1451ecf45ce781df0936?utm_campaign=f576c6ad&utm_source=int&tds_campaign=p1446tok&tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&__t=1593488430242&__l=60&tds_id=p1446tok_r&tds_oid=a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:31 GMT
content-encoding
gzip
etag
W/"54c-23fYlwhWusoRcYcyNogoqe8G0T4"
status
200
x-powered-by
Express
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
psocialx.com
uf.noclef.com/v1/recaptcha/inject/
101 B
334 B
XHR
General
Full URL
https://uf.noclef.com/v1/recaptcha/inject/psocialx.com?placement=fg_in&referer=http%3A%2F%2Fgrin23.info%2Fad1%3F30jlw128&doc_location=https%3A%2F%2Fpsocialx.com%2Ffg%2Ftds%2Fcpa%3Futm_campaign%3Df576c6ad%26utm_source%3Dint%26tds_campaign%3Dp1446tok%26tds_cid%3Dab41ba481e0bda0a2b4660c52a5554fea79e876c%26utm_content%3D%257Butm_content%257D%26data2%3D%257Bdata2%257D%26tds_id%3Dp1446tok_r%26tds_oid%3Da%26dci%3Dd6bd927e870d1888fb34b0e1cf03d6a534d077e8%26tds_host%3Dpsocialx.com%26tdsId%3Dp1446tok_targeting_a%26utm_sub%3Dopnfnl%26m%3Dps%26p_tds_cid%3D%26tds_reason%3Ddirect
Requested by
Host: uf.noclef.com
URL: https://uf.noclef.com/c_js/main.js?iHash=2c331d248af103975a9b6c80990f8220005c87cb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.161.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-161-141.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Referer
https://psocialx.com/fg/s/c65bf232bb4e1451ecf45ce781df0936?utm_campaign=f576c6ad&utm_source=int&tds_campaign=p1446tok&tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&__t=1593488430242&__l=60&tds_id=p1446tok_r&tds_oid=a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:31 GMT
etag
W/"65-KWBTeogZ/iALEpP8w54rYjF2RIM"
status
200
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
101
index
www.redir2me.com/redirect/
Redirect Chain
  • https://psocialx.com/fg/tds/cpa?utm_campaign=f576c6ad&utm_source=int&tds_campaign=p1446tok&tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&tds_id=p1...
  • https://www.click4more.net/c/db28b948a6839b57?s1=70_f576c6ad_nt&s2=f576c6ad&s3=%7Bs3%7D&s4=%7Bs4%7D&s5=3e0644d1c5c623c5726780f5583fe7315a3f2fd0&s6=r0027mar&dci=d6bd927e870d1888fb34b0e1cf03d6a534d07...
  • https://www.redir2me.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIybWUuY29t&data=aHR0cHM6Ly90b3RyY2suY29tLz9hPTIyOSZjPTQ3MTkmcD1yJnM1PTE4NDg1OCZzMj1kYXNveTVlZmFiNDJmYTAzNGQzNDA0Mjc1MjY%...
233 B
308 B
Document
General
Full URL
https://www.redir2me.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIybWUuY29t&data=aHR0cHM6Ly90b3RyY2suY29tLz9hPTIyOSZjPTQ3MTkmcD1yJnM1PTE4NDg1OCZzMj1kYXNveTVlZmFiNDJmYTAzNGQzNDA0Mjc1MjY%3D&action=action_tmp
Requested by
Host: uf.noclef.com
URL: https://uf.noclef.com/c_js/main.js?iHash=2c331d248af103975a9b6c80990f8220005c87cb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:244:5200::ab Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
www.redir2me.com
:scheme
https
:path
/redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIybWUuY29t&data=aHR0cHM6Ly90b3RyY2suY29tLz9hPTIyOSZjPTQ3MTkmcD1yJnM1PTE4NDg1OCZzMj1kYXNveTVlZmFiNDJmYTAzNGQzNDA0Mjc1MjY%3D&action=action_tmp
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://psocialx.com/fg/s/c65bf232bb4e1451ecf45ce781df0936?utm_campaign=f576c6ad&utm_source=int&tds_campaign=p1446tok&tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&__t=1593488430242&__l=60&tds_id=p1446tok_r&tds_oid=a
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://psocialx.com/fg/s/c65bf232bb4e1451ecf45ce781df0936?utm_campaign=f576c6ad&utm_source=int&tds_campaign=p1446tok&tds_cid=ab41ba481e0bda0a2b4660c52a5554fea79e876c&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&__t=1593488430242&__l=60&tds_id=p1446tok_r&tds_oid=a

Response headers

status
200
server
nginx
date
Tue, 30 Jun 2020 03:40:31 GMT
content-type
text/html; charset=UTF-8
content-length
233

Redirect headers

status
302 302 Found
date
Tue, 30 Jun 2020 03:40:31 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://www.redir2me.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIybWUuY29t&data=aHR0cHM6Ly90b3RyY2suY29tLz9hPTIyOSZjPTQ3MTkmcD1yJnM1PTE4NDg1OCZzMj1kYXNveTVlZmFiNDJmYTAzNGQzNDA0Mjc1MjY%3D&action=action_tmp
server
nginx
set-cookie
unique_2858175=unique_2858175; expires=Wed, 01-Jul-2020 03:40:31 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5efab42fa0352953607686; expires=Wed, 01-Jul-2020 03:40:31 GMT; Max-Age=86400; path=/; HttpOnly unique_2858175=unique_2858175; expires=Wed, 01-Jul-2020 03:40:31 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5efab42fa0352953607686; expires=Wed, 01-Jul-2020 03:40:31 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=184858; expires=Thu, 30-Jul-2020 03:40:31 GMT; Max-Age=2592000; path=/; HttpOnly unique_2858175=unique_2858175; expires=Wed, 01-Jul-2020 03:40:31 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5efab42fa0352953607686; expires=Wed, 01-Jul-2020 03:40:31 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=184858; expires=Thu, 30-Jul-2020 03:40:31 GMT; Max-Age=2592000; path=/; HttpOnly tid=dasoy5efab42fa034d340427526; path=/; HttpOnly
index
www.redir2me.com/redirect/
115 B
189 B
Document
General
Full URL
https://www.redir2me.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIybWUuY29t&data=aHR0cHM6Ly90b3RyY2suY29tLz9hPTIyOSZjPTQ3MTkmcD1yJnM1PTE4NDg1OCZzMj1kYXNveTVlZmFiNDJmYTAzNGQzNDA0Mjc1MjY%3D&action=action_final
Requested by
Host: www.redir2me.com
URL: https://www.redir2me.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIybWUuY29t&data=aHR0cHM6Ly90b3RyY2suY29tLz9hPTIyOSZjPTQ3MTkmcD1yJnM1PTE4NDg1OCZzMj1kYXNveTVlZmFiNDJmYTAzNGQzNDA0Mjc1MjY%3D&action=action_tmp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:244:5200::ab Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
www.redir2me.com
:scheme
https
:path
/redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIybWUuY29t&data=aHR0cHM6Ly90b3RyY2suY29tLz9hPTIyOSZjPTQ3MTkmcD1yJnM1PTE4NDg1OCZzMj1kYXNveTVlZmFiNDJmYTAzNGQzNDA0Mjc1MjY%3D&action=action_final
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.redir2me.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIybWUuY29t&data=aHR0cHM6Ly90b3RyY2suY29tLz9hPTIyOSZjPTQ3MTkmcD1yJnM1PTE4NDg1OCZzMj1kYXNveTVlZmFiNDJmYTAzNGQzNDA0Mjc1MjY%3D&action=action_tmp
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.redir2me.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIybWUuY29t&data=aHR0cHM6Ly90b3RyY2suY29tLz9hPTIyOSZjPTQ3MTkmcD1yJnM1PTE4NDg1OCZzMj1kYXNveTVlZmFiNDJmYTAzNGQzNDA0Mjc1MjY%3D&action=action_tmp

Response headers

status
200
server
nginx
date
Tue, 30 Jun 2020 03:40:31 GMT
content-type
text/html; charset=UTF-8
content-length
115
Primary Request 87ec54c391372c61a528ca4a264c05ec877ec6a2
pl.jolly.me/land/
Redirect Chain
  • https://totrck.com/?a=229&c=4719&p=r&s5=184858&s2=dasoy5efab42fa034d340427526
  • https://track.jolly.me/click?pid=76&offer_id=218&sub1=229&sub2=220103055&sub3=184858
  • https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&devic...
85 KB
18 KB
Document
General
Full URL
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Requested by
Host: www.redir2me.com
URL: https://www.redir2me.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIybWUuY29t&data=aHR0cHM6Ly90b3RyY2suY29tLz9hPTIyOSZjPTQ3MTkmcD1yJnM1PTE4NDg1OCZzMj1kYXNveTVlZmFiNDJmYTAzNGQzNDA0Mjc1MjY%3D&action=action_final
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a367069dc2ae8f19199413ab89d054a7967f41e5ed3c9fc4a3426690c7ddbb27

Request headers

:method
GET
:authority
pl.jolly.me
:scheme
https
:path
/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.redir2me.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIybWUuY29t&data=aHR0cHM6Ly90b3RyY2suY29tLz9hPTIyOSZjPTQ3MTkmcD1yJnM1PTE4NDg1OCZzMj1kYXNveTVlZmFiNDJmYTAzNGQzNDA0Mjc1MjY%3D&action=action_final
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d4155545f7bdfc63488f9865951b636bd1593488432
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.redir2me.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIybWUuY29t&data=aHR0cHM6Ly90b3RyY2suY29tLz9hPTIyOSZjPTQ3MTkmcD1yJnM1PTE4NDg1OCZzMj1kYXNveTVlZmFiNDJmYTAzNGQzNDA0Mjc1MjY%3D&action=action_final

Response headers

status
200
date
Tue, 30 Jun 2020 03:40:32 GMT
content-type
text/html
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-m-cache-key
lnd:views:GET:pl.jolly.me:87ec54c391372c61a528ca4a264c05ec877ec6a2
cf-cache-status
DYNAMIC
cf-request-id
03a4e8f66a0000c795349e3200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5ab4ddd0ade3c795-AMS
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

status
302
date
Tue, 30 Jun 2020 03:40:32 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d4155545f7bdfc63488f9865951b636bd1593488432; expires=Thu, 30-Jul-20 03:40:32 GMT; path=/; domain=.jolly.me; HttpOnly; SameSite=Lax afclick=5efab430e24857000131bcdf; Expires=Wed, 30 Jun 2021 03:40:32 GMT; Secure; SameSite=None
location
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
cf-cache-status
DYNAMIC
cf-request-id
03a4e8f6160000c795349e1200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5ab4ddd02d72c795-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/
9 KB
879 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f1dc81498da5df5cc4a4b2730c86480122e1b4a6808621b7d941aaa6e29d824
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 30 Jun 2020 02:30:49 GMT
server
ESF
date
Tue, 30 Jun 2020 03:40:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Jun 2020 03:40:32 GMT
style.css
pl.jolly.me/land/75m_mob_push/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://pl.jolly.me/land/75m_mob_push/css/style.css?v=1593434774521
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10648cbb7bf4705f5ab5b0e2fe90703f5e40d3673198a413017531a6523f6b49

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:32 GMT
content-encoding
br
cf-cache-status
HIT
age
44880
cf-polished
origSize=13170
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a4e8f6c40000c795349e7200000001
last-modified
Tue, 31 Mar 2020 11:24:37 GMT
server
cloudflare
etag
W/"5e832875-3372"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-ray
5ab4ddd13e59c795-AMS
cf-bgj
minify
jquery-2.2.4.min.js
code.jquery.com/
84 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Origin
https://pl.jolly.me

Response headers

Date
Tue, 30 Jun 2020 03:40:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 May 2016 17:24:41 GMT
Server
nginx
ETag
W/"573f4859-14e4a"
Vary
Accept-Encoding
X-HW
1593488432.dop033.fr8.t,1593488432.cds137.fr8.shn,1593488432.cds137.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
29811
default_inverted.png
pl.jolly.me/land/jolly.me/shared/images/
2 KB
2 KB
Image
General
Full URL
https://pl.jolly.me/land/jolly.me/shared/images/default_inverted.png
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0e705eb0cecbc0c2f19eeef713ffa491aa4779d7626c37c9ae8ab4d80a3ee4a

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:32 GMT
cf-cache-status
HIT
age
4571065
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1703
cf-request-id
03a4e8f71d0000c795349ee200000001
last-modified
Tue, 25 Jun 2019 08:45:56 GMT
server
cloudflare
etag
"5d11df44-6a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5ab4ddd1ceccc795-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-1.svg
pl.jolly.me/land/75m_mob_push/images/
2 KB
957 B
Image
General
Full URL
https://pl.jolly.me/land/75m_mob_push/images/icon-1.svg
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4083d813327ae0e9fbcaa85f8e191506d885e80d1bc4231c863c78b72524f3f7

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:32 GMT
content-encoding
br
cf-cache-status
HIT
age
5994742
status
200
cf-bgj
h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a4e8f7310000c795349ef200000001
last-modified
Wed, 17 Jul 2019 11:58:02 GMT
server
cloudflare
etag
W/"5d2f0d4a-603"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
5ab4ddd1eedfc795-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
man-icon.svg
pl.jolly.me/land/75m_mob_push/images/
597 B
413 B
Image
General
Full URL
https://pl.jolly.me/land/75m_mob_push/images/man-icon.svg
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24db5a7b11d8dfe2eea04e40443ea66648a83e3c912e0943c505fd07e72a0ed6

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:32 GMT
content-encoding
br
cf-cache-status
HIT
age
4571065
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a4e8f73b0000c795349f8200000001
last-modified
Wed, 17 Jul 2019 11:58:02 GMT
server
cloudflare
etag
W/"5d2f0d4a-255"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
5ab4ddd1fef5c795-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
woman-icon.svg
pl.jolly.me/land/75m_mob_push/images/
840 B
560 B
Image
General
Full URL
https://pl.jolly.me/land/75m_mob_push/images/woman-icon.svg
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c125791959bd5b97d18c9631dbdded5ffd878eb6b79bfd5723ee86e6dcf9d01b

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:32 GMT
content-encoding
br
cf-cache-status
HIT
age
3019372
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a4e8f7380000c795349f4200000001
last-modified
Wed, 17 Jul 2019 11:58:02 GMT
server
cloudflare
etag
W/"5d2f0d4a-348"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
5ab4ddd1feecc795-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-1-green.svg
pl.jolly.me/land/75m_mob_push/images/
2 KB
776 B
Image
General
Full URL
https://pl.jolly.me/land/75m_mob_push/images/icon-1-green.svg
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a88d02c9bc74c4742322edf9d772d1e5aab0bff7739c083e777caafaa131d334

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:32 GMT
content-encoding
br
cf-cache-status
HIT
age
5994742
status
200
cf-bgj
h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a4e8f7380000c795349f3200000001
last-modified
Wed, 17 Jul 2019 11:58:02 GMT
server
cloudflare
etag
W/"5d2f0d4a-60c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
5ab4ddd1feebc795-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-2.svg
pl.jolly.me/land/75m_mob_push/images/
659 B
467 B
Image
General
Full URL
https://pl.jolly.me/land/75m_mob_push/images/icon-2.svg
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6809eb22b5d3181c15f166b9a366338db3f0730794ec7bf746f89d77c5c82585

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:32 GMT
content-encoding
br
cf-cache-status
HIT
age
1045797
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a4e8f7380000c795349f2200000001
last-modified
Wed, 17 Jul 2019 11:58:02 GMT
server
cloudflare
etag
W/"5d2f0d4a-293"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
5ab4ddd1feeac795-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-3.svg
pl.jolly.me/land/75m_mob_push/images/
850 B
565 B
Image
General
Full URL
https://pl.jolly.me/land/75m_mob_push/images/icon-3.svg
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aaa33fbf1c179806d0db607e03d93aa424691008d721f09a14f498a5f9bc49f

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:32 GMT
content-encoding
br
cf-cache-status
HIT
age
5994742
status
200
cf-bgj
h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a4e8f73b0000c795349fa200000001
last-modified
Wed, 17 Jul 2019 11:58:02 GMT
server
cloudflare
etag
W/"5d2f0d4a-352"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
5ab4ddd1fef8c795-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-4.svg
pl.jolly.me/land/75m_mob_push/images/
513 B
402 B
Image
General
Full URL
https://pl.jolly.me/land/75m_mob_push/images/icon-4.svg
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e7e0722aa1bc893ac05ebf09b332a9baaced5c4624fe461d2f1eff30c3b6b23

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:32 GMT
content-encoding
br
cf-cache-status
HIT
age
2872989
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a4e8f73b0000c795349f7200000001
last-modified
Wed, 17 Jul 2019 11:58:02 GMT
server
cloudflare
etag
W/"5d2f0d4a-201"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
5ab4ddd1fef4c795-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-5.svg
pl.jolly.me/land/75m_mob_push/images/
371 B
324 B
Image
General
Full URL
https://pl.jolly.me/land/75m_mob_push/images/icon-5.svg
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec329b22425947ba4bc71f3aab51fcd65251b55e44e30e6c70eca0e92079827b

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:32 GMT
content-encoding
br
cf-cache-status
HIT
age
3019372
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a4e8f73b0000c795349f9200000001
last-modified
Wed, 17 Jul 2019 11:58:02 GMT
server
cloudflare
etag
W/"5d2f0d4a-173"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
5ab4ddd1fef7c795-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-6.svg
pl.jolly.me/land/75m_mob_push/images/
520 B
404 B
Image
General
Full URL
https://pl.jolly.me/land/75m_mob_push/images/icon-6.svg
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c1f22a8c8fbd232ae3224abc3e82ff419d804b35ff4bf0fed41e396cbc69f9a

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:32 GMT
content-encoding
br
cf-cache-status
HIT
age
5911783
status
200
cf-bgj
h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a4e8f73b0000c795349f6200000001
last-modified
Wed, 17 Jul 2019 11:58:02 GMT
server
cloudflare
etag
W/"5d2f0d4a-208"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
5ab4ddd1fef3c795-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-7.svg
pl.jolly.me/land/75m_mob_push/images/
679 B
474 B
Image
General
Full URL
https://pl.jolly.me/land/75m_mob_push/images/icon-7.svg
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9597d6b5bd950314708c5c08bb4cb0ef68b49f9893b849dbc5fd7400d706692

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:32 GMT
content-encoding
br
cf-cache-status
HIT
age
4571065
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a4e8f7380000c795349f1200000001
last-modified
Wed, 17 Jul 2019 11:58:02 GMT
server
cloudflare
etag
W/"5d2f0d4a-2a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
5ab4ddd1fee9c795-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-2-green.svg
pl.jolly.me/land/75m_mob_push/images/
662 B
463 B
Image
General
Full URL
https://pl.jolly.me/land/75m_mob_push/images/icon-2-green.svg
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
593c1f05e96ffdf3f9ad45c29dfee1499b69f002ec93754ebf1f4cb11efca44e

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:32 GMT
content-encoding
br
cf-cache-status
HIT
age
1045797
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a4e8f73b0000c795349fb200000001
last-modified
Wed, 17 Jul 2019 11:58:02 GMT
server
cloudflare
etag
W/"5d2f0d4a-296"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
5ab4ddd1fef9c795-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-3-green.svg
pl.jolly.me/land/75m_mob_push/images/
853 B
598 B
Image
General
Full URL
https://pl.jolly.me/land/75m_mob_push/images/icon-3-green.svg
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfa1f3b24e09e89a63f0eb4788f89a83ee008a91d7b416eb3ada19d5b571c163

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:33 GMT
content-encoding
br
cf-cache-status
HIT
age
5994743
status
200
cf-bgj
h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a4e8f7ba0000c79534a01200000001
last-modified
Wed, 17 Jul 2019 11:58:02 GMT
server
cloudflare
etag
W/"5d2f0d4a-355"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
5ab4ddd2cf95c795-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-4-green.svg
pl.jolly.me/land/75m_mob_push/images/
516 B
405 B
Image
General
Full URL
https://pl.jolly.me/land/75m_mob_push/images/icon-4-green.svg
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6be53b695cd84028a74d007237fde519cd2407f794d1d954efe725f67224ddcf

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:33 GMT
content-encoding
br
cf-cache-status
HIT
age
5911784
status
200
cf-bgj
h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a4e8f7ba0000c79534a02200000001
last-modified
Wed, 17 Jul 2019 11:58:02 GMT
server
cloudflare
etag
W/"5d2f0d4a-204"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
5ab4ddd2cf97c795-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-5-green.svg
pl.jolly.me/land/75m_mob_push/images/
374 B
328 B
Image
General
Full URL
https://pl.jolly.me/land/75m_mob_push/images/icon-5-green.svg
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f56d3adef58ed819af23b6720fc572b0097cbab63654e5b322952c13228ec02

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:33 GMT
content-encoding
br
cf-cache-status
HIT
age
5994743
status
200
cf-bgj
h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a4e8f7bb0000c79534a03200000001
last-modified
Wed, 17 Jul 2019 11:58:02 GMT
server
cloudflare
etag
W/"5d2f0d4a-176"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
5ab4ddd2cf99c795-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-6-green.svg
pl.jolly.me/land/75m_mob_push/images/
523 B
399 B
Image
General
Full URL
https://pl.jolly.me/land/75m_mob_push/images/icon-6-green.svg
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26b107ac6d6acb301997c4626b091b90c4c51d809d865a1be2376007bc3b9bba

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:33 GMT
content-encoding
br
cf-cache-status
HIT
age
5911784
status
200
cf-bgj
h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a4e8f7bb0000c79534a04200000001
last-modified
Wed, 17 Jul 2019 11:58:02 GMT
server
cloudflare
etag
W/"5d2f0d4a-20b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
5ab4ddd2cf9ac795-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-7-green.svg
pl.jolly.me/land/75m_mob_push/images/
682 B
520 B
Image
General
Full URL
https://pl.jolly.me/land/75m_mob_push/images/icon-7-green.svg
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3b7a8b4ce56bcc2122f529742911f2a1a75857c8eef841ac42bd16087752c04

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:33 GMT
content-encoding
br
cf-cache-status
HIT
age
1003557
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a4e8f7ea0000c79534a07200000001
last-modified
Wed, 17 Jul 2019 11:58:02 GMT
server
cloudflare
etag
W/"5d2f0d4a-2aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
5ab4ddd31fd5c795-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
email-decode.min.js
pl.jolly.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
858 B
Script
General
Full URL
https://pl.jolly.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:32 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 26 Jun 2020 09:13:11 GMT
server
cloudflare
etag
W/"5ef5bc27-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
5ab4ddd18e89c795-AMS
cf-request-id
03a4e8f6f20000c795349e8200000001
expires
Thu, 02 Jul 2020 03:40:32 GMT
push-subscription-1.0.js
pl.jolly.me/land/shared/js/
5 KB
2 KB
Script
General
Full URL
https://pl.jolly.me/land/shared/js/push-subscription-1.0.js?v=1593434774521
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03fdc09e5d7777a8d439ae13a68395a462ed7d6b429e3fa3466558fc81705602

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:32 GMT
content-encoding
br
cf-cache-status
HIT
age
2099
cf-polished
origSize=7751
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a4e8f7080000c795349ea200000001
service-worker-allowed
/
last-modified
Fri, 19 Jun 2020 14:36:32 GMT
server
cloudflare
etag
W/"5eeccd70-1e47"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
5ab4ddd1aea2c795-AMS
cf-bgj
minify
autodomain.js
pl.jolly.me/land/shared/js/
2 KB
797 B
Script
General
Full URL
https://pl.jolly.me/land/shared/js/autodomain.js?v=1593434774521
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67d90e12533e82c43a1967cb518e3761974f0b3ad3e7982df47e14f716f861d3

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:32 GMT
content-encoding
br
cf-cache-status
HIT
age
2099
cf-polished
origSize=2943
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a4e8f71c0000c795349eb200000001
service-worker-allowed
/
last-modified
Thu, 14 Nov 2019 08:56:34 GMT
server
cloudflare
etag
W/"5dcd16c2-b7f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
5ab4ddd1cec8c795-AMS
cf-bgj
minify
name_validation.js
pl.jolly.me/land/shared//js/
133 KB
29 KB
Script
General
Full URL
https://pl.jolly.me/land/shared//js/name_validation.js?v=1593434774521
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48f0a4298d9c0bd581f38c8b946600a26f99f69cb7658ef41ebd8a7ad2bc9d52

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:32 GMT
content-encoding
br
cf-cache-status
HIT
age
2099
cf-polished
origSize=249800
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a4e8f71c0000c795349ec200000001
service-worker-allowed
/
last-modified
Tue, 25 Jun 2019 08:45:57 GMT
server
cloudflare
etag
W/"5d11df45-3cfc8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
5ab4ddd1cec9c795-AMS
cf-bgj
minify
script.js
pl.jolly.me/land/75m_mob_push/js/
7 KB
2 KB
Script
General
Full URL
https://pl.jolly.me/land/75m_mob_push/js/script.js?v=1593434774521
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8268cdc80411273530bf4db8bbc4f455e0110cc8426ffa5ddb887319cdbc602a

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:32 GMT
content-encoding
br
cf-cache-status
HIT
age
44880
cf-polished
origSize=8910
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a4e8f71d0000c795349ed200000001
last-modified
Tue, 11 Feb 2020 14:26:48 GMT
server
cloudflare
etag
W/"5e42b9a8-22ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-ray
5ab4ddd1cecbc795-AMS
cf-bgj
minify
tag.js
mc.yandex.ru/metrika/
359 KB
91 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
30621ef00f58adf18b716634957984c221af0634eddad78b7143da2551ad9ba3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 30 Jun 2020 03:40:33 GMT
Content-Encoding
br
Last-Modified
Fri, 26 Jun 2020 20:59:37 GMT
Server
nginx/1.14.2
ETag
"5ef661b9-16bfc"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
93180
Expires
Tue, 30 Jun 2020 04:40:33 GMT
gtm.js
www.googletagmanager.com/
240 KB
47 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N6W77T
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b376ae7e0f6c8ad74018be98a515c10c5b7067e58cf016b9a6e1b71287be1735
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:32 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48486
x-xss-protection
0
last-modified
Tue, 30 Jun 2020 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Jun 2020 03:40:32 GMT
watch
pl.jolly.me/land/resources/
2 KB
2 KB
Script
General
Full URL
https://pl.jolly.me/land/resources/watch?url=https%3A%2F%2Fpl.jolly.me%2Fland%2F87ec54c391372c61a528ca4a264c05ec877ec6a2%3Fclickid%3D5efab430e24857000131bcdf%26partner%3D76%26pid%3D229%26tid%3D220103055%26src%3D184858%26offer_id%3D218%26ip%3D194.99.105.99%26geo%3DPL%26sub4%3D%26sub5%3D%26device_ua%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_14_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F83.0.4103.61%2BSafari%252F537.36%26rand%3Db1aba748-b93b-4661-bff0-d3cf2bbb9b33%26time%3D1593488432%26city%3DWarsaw&funnel_id=&uid=&landing=87ec54c391372c61a528ca4a264c05ec877ec6a2&unique=0&cookie=1&ra=0.7923040077986279
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d50cbc148c52982e56f4aeb9be8be717f141e9dc14fb1efb3d592e5fda1f0e31

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:33 GMT
content-encoding
br
x-test
/land/resources/watch?url=https%3A%2F%2Fpl.jolly.me%2Fland%2F87ec54c391372c61a528ca4a264c05ec877ec6a2%3Fclickid%3D5efab430e24857000131bcdf%26partner%3D76%26pid%3D229%26tid%3D220103055%26src%3D184858%26offer_id%3D218%26ip%3D194.99.105.99%26geo%3DPL%26sub4%3D%26sub5%3D%26device_ua%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_14_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F83.0.4103.61%2BSafari%252F537.36%26rand%3Db1aba748-b93b-4661-bff0-d3cf2bbb9b33%26time%3D1593488432%26city%3DWarsaw&funnel_id=&uid=&landing=87ec54c391372c61a528ca4a264c05ec877ec6a2&unique=0&cookie=1&ra=0.7923040077986279
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, private, proxy-revalidate, max-age=63072000
cf-ray
5ab4ddd33ff0c795-AMS
content-type
text/javascript; charset=utf-8
cf-request-id
03a4e8f8010000c79534a08200000001
expires
Fri, 01 Jan 1990 00:00:00 GMT
fs.js
edge.fullstory.com/s/
193 KB
58 KB
Script
General
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
84197caac7e56ecfd3dc601479871f5b45cbd17a954200e4e0517c038cd12809

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Origin
https://pl.jolly.me

Response headers

date
Tue, 30 Jun 2020 03:35:10 GMT
content-encoding
gzip
age
323
x-guploader-uploadid
AAANsUlR-pSfAeXtA-rYZ8OJb8wNRrzXKyu1xgBU5MuW5nGtN68JS7gsyhc1HadImMuEGq6Li-YxM5-vkumEgOGt6OaAMpq8BA
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
59014
last-modified
Wed, 17 Jun 2020 22:18:08 GMT
server
UploadServer
etag
"4d81d32fd9abd168dd82c00d66861291"
x-goog-hash
crc32c=wXKEZw==, md5=TYHTL9mr0WjdgsANZoYSkQ==
x-goog-generation
1592432288556971
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=600,no-transform
x-goog-stored-content-length
59014
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 30 Jun 2020 03:45:10 GMT
img-page-1.png
pl.jolly.me/land/75m_mob_push/images/
132 KB
132 KB
Image
General
Full URL
https://pl.jolly.me/land/75m_mob_push/images/img-page-1.png
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1957c42da275576079bb941bc07168ef88a936e9b396cee72e4853b2d7c82588

Request headers

Referer
https://pl.jolly.me/land/75m_mob_push/css/style.css?v=1593434774521
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:32 GMT
cf-cache-status
HIT
age
5994742
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
135007
cf-request-id
03a4e8f7380000c795349f0200000001
last-modified
Wed, 17 Jul 2019 11:58:02 GMT
server
cloudflare
etag
"5d2f0d4a-20f5f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5ab4ddd1fee8c795-AMS
cf-bgj
h2pri
img-page-2.png
pl.jolly.me/land/75m_mob_push/images/
136 KB
137 KB
Image
General
Full URL
https://pl.jolly.me/land/75m_mob_push/images/img-page-2.png
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61ec0d5390a0a7e64c7ecf01a39b80882b86c056947f69dfc8e4b58534e0b6c5

Request headers

Referer
https://pl.jolly.me/land/75m_mob_push/css/style.css?v=1593434774521
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:33 GMT
cf-cache-status
HIT
age
5994743
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
139486
cf-request-id
03a4e8f8010000c79534a09200000001
last-modified
Wed, 17 Jul 2019 11:58:02 GMT
server
cloudflare
etag
"5d2f0d4a-220de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5ab4ddd33ff2c795-AMS
cf-bgj
h2pri
img-page-3.png
pl.jolly.me/land/75m_mob_push/images/
142 KB
143 KB
Image
General
Full URL
https://pl.jolly.me/land/75m_mob_push/images/img-page-3.png
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e9b7c5d00347270b5b44c5aaa850ff2292487600a432752f860b1a4171d70fc

Request headers

Referer
https://pl.jolly.me/land/75m_mob_push/css/style.css?v=1593434774521
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:33 GMT
cf-cache-status
HIT
age
816666
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
145812
cf-request-id
03a4e8f8030000c79534a0a200000001
last-modified
Wed, 17 Jul 2019 11:58:02 GMT
server
cloudflare
etag
"5d2f0d4a-23994"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5ab4ddd33ff7c795-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
img-page-4.png
pl.jolly.me/land/75m_mob_push/images/
115 KB
115 KB
Image
General
Full URL
https://pl.jolly.me/land/75m_mob_push/images/img-page-4.png
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb897d24559e94a6c56ef65791f12d8e26b240cb7e0e48e725d68440a0e68080

Request headers

Referer
https://pl.jolly.me/land/75m_mob_push/css/style.css?v=1593434774521
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:33 GMT
cf-cache-status
HIT
age
5994742
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
117331
cf-request-id
03a4e8f8030000c79534a0b200000001
last-modified
Wed, 17 Jul 2019 11:58:02 GMT
server
cloudflare
etag
"5d2f0d4a-1ca53"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5ab4ddd33ff8c795-AMS
cf-bgj
h2pri
img-page-5.png
pl.jolly.me/land/75m_mob_push/images/
153 KB
153 KB
Image
General
Full URL
https://pl.jolly.me/land/75m_mob_push/images/img-page-5.png
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bef22f05e685b24da18c359c704cb8d1f852008bb3963ee17fd9eeb4a74191e

Request headers

Referer
https://pl.jolly.me/land/75m_mob_push/css/style.css?v=1593434774521
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:33 GMT
cf-cache-status
HIT
age
5994742
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
156798
cf-request-id
03a4e8f81d0000c79534a0c200000001
last-modified
Wed, 17 Jul 2019 11:58:02 GMT
server
cloudflare
etag
"5d2f0d4a-2647e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5ab4ddd3681ec795-AMS
cf-bgj
h2pri
img-page-6.png
pl.jolly.me/land/75m_mob_push/images/
137 KB
137 KB
Image
General
Full URL
https://pl.jolly.me/land/75m_mob_push/images/img-page-6.png
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c750db18f8b0e21942afda5f9a82c5492c64d18acd72b383e9fddf0df8145f9

Request headers

Referer
https://pl.jolly.me/land/75m_mob_push/css/style.css?v=1593434774521
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:33 GMT
cf-cache-status
HIT
age
5994742
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
140303
cf-request-id
03a4e8f82d0000c79534a0e200000001
last-modified
Wed, 17 Jul 2019 11:58:02 GMT
server
cloudflare
etag
"5d2f0d4a-2240f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5ab4ddd37835c795-AMS
cf-bgj
h2pri
img-page-7.png
pl.jolly.me/land/75m_mob_push/images/
133 KB
134 KB
Image
General
Full URL
https://pl.jolly.me/land/75m_mob_push/images/img-page-7.png
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
755fe103bf0ebb084ee6ac927293dd9b8c885406912ff01a2b0c93e235062df9

Request headers

Referer
https://pl.jolly.me/land/75m_mob_push/css/style.css?v=1593434774521
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:33 GMT
cf-cache-status
HIT
age
4571066
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
136616
cf-request-id
03a4e8f8690000c79534a11200000001
last-modified
Wed, 17 Jul 2019 11:58:02 GMT
server
cloudflare
etag
"5d2f0d4a-215a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5ab4ddd3d86ac795-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Origin
https://pl.jolly.me

Response headers

date
Tue, 09 Jun 2020 00:43:54 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
1824998
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Wed, 09 Jun 2021 00:43:54 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Origin
https://pl.jolly.me

Response headers

date
Fri, 12 Jun 2020 13:44:12 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
1518980
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Sat, 12 Jun 2021 13:44:12 GMT
KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Origin
https://pl.jolly.me

Response headers

date
Thu, 25 Jun 2020 03:22:24 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:46 GMT
server
sffe
age
433088
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8024
x-xss-protection
0
expires
Fri, 25 Jun 2021 03:22:24 GMT
measure.js
pl.jolly.me/land/shared/js/
4 KB
1 KB
Script
General
Full URL
https://pl.jolly.me/land/shared/js/measure.js?v=3.7
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e18e41db458d1724a66a6422be5b7837e52e0b874cf1701d4fbe288d1a7a218

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:33 GMT
content-encoding
br
cf-cache-status
HIT
age
2100
cf-polished
origSize=7172
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a4e8f86e0000c79534a12200000001
service-worker-allowed
/
last-modified
Fri, 19 Jun 2020 14:36:32 GMT
server
cloudflare
etag
W/"5eeccd70-1c04"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
5ab4ddd3e872c795-AMS
cf-bgj
minify
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6W77T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
3654
date
Tue, 30 Jun 2020 02:39:38 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Tue, 30 Jun 2020 04:39:38 GMT
bat.js
bat.bing.com/
25 KB
8 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6W77T
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b6f7b31210a709daca9760b215660b2cbe719757df3059364beeda005fca2dbe

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:32 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 19:59:59 GMT
x-msedge-ref
Ref A: DCBC2439DEF84EB6A38EF009D8BB787B Ref B: FRAEDGE1315 Ref C: 2020-06-30T03:40:32Z
status
200
etag
"804946b8613fd61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7791
fbevents.js
connect.facebook.net/en_US/
133 KB
33 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: v.ht
URL: https://v.ht/b2CBd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
73d764e56e8727bfd3de86dbe1c52f5105b4d6d0c41dbf91565e719e7cd74aed
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
34036
x-xss-protection
0
pragma
public
x-fb-debug
jAR0DuSiuqzvatDvP0CY1ah4wV9fYSdxV67HoxWbYvAYD+pBiXyuB71X8KYfeDaS1goSf96o/Q3CJXtwb3ll8g==
x-fb-trip-id
1781455057
x-frame-options
DENY
date
Tue, 30 Jun 2020 03:40:32 GMT, Tue, 30 Jun 2020 03:40:32 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
cm.gif
ad.mail.ru/
43 B
450 B
Image
General
Full URL
https://ad.mail.ru/cm.gif?p=69&id=USER_ID&gtmcb=1411428473
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 30 Jun 2020 03:40:33 GMT
Last-Modified
Tue, 30 Jun 2020 03:40:33 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
max-age=21600
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Tue, 30 Jun 2020 09:40:33 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=447121021&t=pageview&_s=1&dl=https%3A%2F%2Fpl.jolly.me%2Fland%2F87ec54c391372c61a528ca4a264c05ec877ec6a2%3Fclickid%3D5efab430e24857000131bcdf...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37739046-14&cid=308043357.1593488433&jid=2106126257&_gid=913785710.1593488433&gjid=1241464669&_v=j83&z=954753056
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37739046-14&cid=308043357.1593488433&jid=2106126257&_v=j83&z=954753056
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37739046-14&cid=308043357.1593488433&jid=2106126257&_v=j83&z=954753056&slf_rd=1&random=189784481
42 B
106 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37739046-14&cid=308043357.1593488433&jid=2106126257&_v=j83&z=954753056&slf_rd=1&random=189784481
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jun 2020 03:40:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jun 2020 03:40:33 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37739046-14&cid=308043357.1593488433&jid=2106126257&_v=j83&z=954753056&slf_rd=1&random=189784481
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
96 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&a=447121021&t=pageview&_s=1&dl=https%3A%2F%2Fpl.jolly.me%2Fland%2F87ec54c391372c61a528ca4a264c05ec877ec6a2%3Fclickid%3D5efab430e24857000131bcdf%26partner%3D76%26pid%3D229%26tid%3D220103055%26src%3D184858%26offer_id%3D218%26ip%3D194.99.105.99%26geo%3DPL%26sub4%3D%26sub5%3D%26device_ua%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_14_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F83.0.4103.61%2BSafari%252F537.36%26rand%3Db1aba748-b93b-4661-bff0-d3cf2bbb9b33%26time%3D1593488432%26city%3DWarsaw&dr=https%3A%2F%2Fwww.redir2me.com%2Fredirect%2Findex%3Ftype%3Dscript%26to%3DaHR0cHM6Ly93d3cucmVkaXIybWUuY29t%26data%3DaHR0cHM6Ly90b3RyY2suY29tLz9hPTIyOSZjPTQ3MTkmcD1yJnM1PTE4NDg1OCZzMj1kYXNveTVlZmFiNDJmYTAzNGQzNDA0Mjc1MjY%253D%26action%3Daction_final&ul=en-us&de=UTF-8&dt=Jolly&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgAAB~&jid=1577957844&gjid=1326921137&cid=308043357.1593488433&uid=none&tid=UA-37739046-1&_gid=913785710.1593488433&gtm=2wg6h1N6W77T&cd10=none&cd19=1857&z=1379162636
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 21:25:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1577722
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-37739046-1&cid=308043357.1593488433&jid=1577957844&uid=none&gjid=1326921137&_gid=913785710.1593488433&_u=YGDAgAAB~&z=5823...
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37739046-1&cid=308043357.1593488433&jid=1577957844&_v=j83&z=582367079
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37739046-1&cid=308043357.1593488433&jid=1577957844&_v=j83&z=582367079&slf_rd=1&random=3364447493
42 B
106 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37739046-1&cid=308043357.1593488433&jid=1577957844&_v=j83&z=582367079&slf_rd=1&random=3364447493
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jun 2020 03:40:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jun 2020 03:40:33 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37739046-1&cid=308043357.1593488433&jid=1577957844&_v=j83&z=582367079&slf_rd=1&random=3364447493
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
246541269126552
connect.facebook.net/signals/config/
523 KB
132 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/246541269126552?v=2.9.21&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
70a53f1ce1159fe06b2adacb8e4e7c4b636106df094761b64476453c0d2ce819
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
135330
x-xss-protection
0
pragma
public
x-fb-debug
Kmqq/mAPhD0XlmD9ttsVz6ltypgdiuRbIQ/WMDxz2ql95ztAjtWRH/tP04ulfI/SijJrQPpVT3we01CfSQjtWg==
x-fb-trip-id
1781455057
x-frame-options
DENY
date
Tue, 30 Jun 2020 03:40:33 GMT, Tue, 30 Jun 2020 03:40:33 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
current-platform
pl.jolly.me/land/
22 B
357 B
XHR
General
Full URL
https://pl.jolly.me/land/current-platform
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef8a9a5ae0a0374f9bb5979af25c840efdcff0cc1e7fa1435327bcdaaa7d7e70

Request headers

Accept
*/*
Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:33 GMT
content-encoding
br
x-test
/land/current-platform
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
cf-ray
5ab4ddd2cf9ec795-AMS
content-type
text/html; charset=UTF-8
cf-request-id
03a4e8f7bf0000c79534a05200000001
0
bat.bing.com/action/
0
94 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5947450&Ver=2&mid=5bc3f216-0dcb-9a8a-d381-95165413acd9&sid=915f4056-19bd-4b2c-e6d7-a1111bffd5f4&vid=be7d86a3-2f5c-4a68-1159-28653e37b892-1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Jolly&p=https%3A%2F%2Fpl.jolly.me%2Fland%2F87ec54c391372c61a528ca4a264c05ec877ec6a2%3Fclickid%3D5efab430e24857000131bcdf%26partner%3D76%26pid%3D229%26tid%3D220103055%26src%3D184858%26offer_id%3D218%26ip%3D194.99.105.99%26geo%3DPL%26sub4%3D%26sub5%3D%26device_ua%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_14_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F83.0.4103.61%2BSafari%252F537.36%26rand%3Db1aba748-b93b-4661-bff0-d3cf2bbb9b33%26time%3D1593488432%26city%3DWarsaw&r=https%3A%2F%2Fwww.redir2me.com%2Fredirect%2Findex%3Ftype%3Dscript%26to%3DaHR0cHM6Ly93d3cucmVkaXIybWUuY29t%26data%3DaHR0cHM6Ly90b3RyY2suY29tLz9hPTIyOSZjPTQ3MTkmcD1yJnM1PTE4NDg1OCZzMj1kYXNveTVlZmFiNDJmYTAzNGQzNDA0Mjc1MjY%253D%26action%3Daction_final&lt=1184&evt=pageLoad&msclkid=N&sv=1&rn=17415
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Tue, 30 Jun 2020 03:40:32 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: C9FCB40FD2A94E7FB5E3D195F5CBEB9F Ref B: FRAEDGE1315 Ref C: 2020-06-30T03:40:33Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
mail-domain-list
api2.jolly.me/rest/v2/marketing/
3 KB
1 KB
XHR
General
Full URL
https://api2.jolly.me/rest/v2/marketing/mail-domain-list
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cba58c6ea68e06188220cb09e6932d56c523ca7e1145e3de29ddae34ae68c372

Request headers

Accept
*/*
Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Platform
desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pl.jolly.me
access-control-expose-headers
retry-after, x-rate-limit-limit, x-rate-limit-remaining, x-rate-limit-reset
cache-control
no-cache, private
cf-ray
5ab4ddd4bd59bdf5-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03a4e8f8f30000bdf57e31e200000001
/
www.facebook.com/tr/
44 B
258 B
Image
General
Full URL
https://www.facebook.com/tr/?id=246541269126552&ev=PageView&dl=https%3A%2F%2Fpl.jolly.me%2Fland%2F87ec54c391372c61a528ca4a264c05ec877ec6a2%3Fclickid%3D5efab430e24857000131bcdf%26partner%3D76%26pid%3D229%26tid%3D220103055%26src%3D184858%26offer_id%3D218%26ip%3D194.99.105.99%26geo%3DPL%26sub4%3D%26sub5%3D%26device_ua%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_14_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F83.0.4103.61%2BSafari%252F537.36%26rand%3Db1aba748-b93b-4661-bff0-d3cf2bbb9b33%26time%3D1593488432%26city%3DWarsaw&rl=https%3A%2F%2Fwww.redir2me.com%2Fredirect%2Findex%3Ftype%3Dscript%26to%3DaHR0cHM6Ly93d3cucmVkaXIybWUuY29t%26data%3DaHR0cHM6Ly90b3RyY2suY29tLz9hPTIyOSZjPTQ3MTkmcD1yJnM1PTE4NDg1OCZzMj1kYXNveTVlZmFiNDJmYTAzNGQzNDA0Mjc1MjY%253D%26action%3Daction_final&if=false&ts=1593488433181&sw=1600&sh=1200&v=2.9.21&r=stable&ec=0&o=30&fbp=fb.1.1593488433180.98708406&it=1593488433010&coo=false&rqm=GET
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:33 GMT, Tue, 30 Jun 2020 03:40:33 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 30 Jun 2020 03:40:33 GMT
1
mc.yandex.ru/watch/42561829/
Redirect Chain
  • https://mc.yandex.ru/watch/42561829?wmode=7&page-ref=https%3A%2F%2Fwww.redir2me.com%2Fredirect%2Findex%3Ftype%3Dscript%26to%3DaHR0cHM6Ly93d3cucmVkaXIybWUuY29t%26data%3DaHR0cHM6Ly90b3RyY2suY29tLz9hP...
  • https://mc.yandex.ru/watch/42561829/1?wmode=7&page-ref=https%3A%2F%2Fwww.redir2me.com%2Fredirect%2Findex%3Ftype%3Dscript%26to%3DaHR0cHM6Ly93d3cucmVkaXIybWUuY29t%26data%3DaHR0cHM6Ly90b3RyY2suY29tLz9...
171 B
718 B
XHR
General
Full URL
https://mc.yandex.ru/watch/42561829/1?wmode=7&page-ref=https%3A%2F%2Fwww.redir2me.com%2Fredirect%2Findex%3Ftype%3Dscript%26to%3DaHR0cHM6Ly93d3cucmVkaXIybWUuY29t%26data%3DaHR0cHM6Ly90b3RyY2suY29tLz9hPTIyOSZjPTQ3MTkmcD1yJnM1PTE4NDg1OCZzMj1kYXNveTVlZmFiNDJmYTAzNGQzNDA0Mjc1MjY%253D%26action%3Daction_final&page-url=https%3A%2F%2Fpl.jolly.me%2Fland%2F87ec54c391372c61a528ca4a264c05ec877ec6a2%3Fclickid%3D5efab430e24857000131bcdf%26partner%3D76%26pid%3D229%26tid%3D220103055%26src%3D184858%26offer_id%3D218%26ip%3D194.99.105.99%26geo%3DPL%26sub4%3D%26sub5%3D%26device_ua%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_14_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F83.0.4103.61%2BSafari%252F537.36%26rand%3Db1aba748-b93b-4661-bff0-d3cf2bbb9b33%26time%3D1593488432%26city%3DWarsaw&charset=utf-8&browser-info=ti%3A10%3Ans%3A1593488431874%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200630054033%3Aet%3A1593488433%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A588137629011%3Arqn%3A1%3Arn%3A249271337%3Ahid%3A576777032%3Ads%3A0%2C0%2C75%2C35%2C838%2C0%2C0%2C249%2C11%2C%2C%2C%2C1173%3Afp%3A1055%3Awn%3A55527%3Ahl%3A2%3Agdpr%3A14%3Av%3A1885%3Awv%3A2%3Arqnl%3A1%3Ast%3A1593488433%3Au%3A1593488433527908035%3At%3AJolly
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e8bb46a85960a69cafb16bb8789e4d86385ebe53302ac1bd1c5327087513cc46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Jun 2020 03:40:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 30-Jun-2020 03:40:33 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://pl.jolly.me
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
171
X-XSS-Protection
1; mode=block
Expires
Tue, 30-Jun-2020 03:40:33 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 30 Jun 2020 03:40:33 GMT
Last-Modified
Tue, 30-Jun-2020 03:40:33 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
https://pl.jolly.me
Strict-Transport-Security
max-age=31536000
Location
/watch/42561829/1?wmode=7&page-ref=https%3A%2F%2Fwww.redir2me.com%2Fredirect%2Findex%3Ftype%3Dscript%26to%3DaHR0cHM6Ly93d3cucmVkaXIybWUuY29t%26data%3DaHR0cHM6Ly90b3RyY2suY29tLz9hPTIyOSZjPTQ3MTkmcD1yJnM1PTE4NDg1OCZzMj1kYXNveTVlZmFiNDJmYTAzNGQzNDA0Mjc1MjY%253D%26action%3Daction_final&page-url=https%3A%2F%2Fpl.jolly.me%2Fland%2F87ec54c391372c61a528ca4a264c05ec877ec6a2%3Fclickid%3D5efab430e24857000131bcdf%26partner%3D76%26pid%3D229%26tid%3D220103055%26src%3D184858%26offer_id%3D218%26ip%3D194.99.105.99%26geo%3DPL%26sub4%3D%26sub5%3D%26device_ua%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_14_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F83.0.4103.61%2BSafari%252F537.36%26rand%3Db1aba748-b93b-4661-bff0-d3cf2bbb9b33%26time%3D1593488432%26city%3DWarsaw&charset=utf-8&browser-info=ti%3A10%3Ans%3A1593488431874%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200630054033%3Aet%3A1593488433%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A588137629011%3Arqn%3A1%3Arn%3A249271337%3Ahid%3A576777032%3Ads%3A0%2C0%2C75%2C35%2C838%2C0%2C0%2C249%2C11%2C%2C%2C%2C1173%3Afp%3A1055%3Awn%3A55527%3Ahl%3A2%3Agdpr%3A14%3Av%3A1885%3Awv%3A2%3Arqnl%3A1%3Ast%3A1593488433%3Au%3A1593488433527908035%3At%3AJolly
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 30-Jun-2020 03:40:33 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
425 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 30 Jun 2020 03:40:33 GMT
Last-Modified
Fri, 17 Jan 2020 08:05:01 GMT
Server
nginx/1.14.2
ETag
"5e216aad-2b"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Tue, 30 Jun 2020 04:40:33 GMT
page
rs.fullstory.com/rec/
45 B
217 B
XHR
General
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
abbf28285c4e2119a21d97f0740b85908b8831469f2a45813bb6fafdb258a179
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Jun 2020 03:40:33 GMT
via
1.1 google
x-content-type-options
nosniff
status
202
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://pl.jolly.me
access-control-allow-credentials
true
alt-svc
clear
content-length
45
collect
pl.jolly.me/land/resources/
0
119 B
Other
General
Full URL
https://pl.jolly.me/land/resources/collect
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/shared/js/measure.js?v=3.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 30 Jun 2020 03:40:33 GMT
content-encoding
br
x-test
/land/resources/collect
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
cf-ray
5ab4ddd488fbc795-AMS
content-type
text/html; charset=UTF-8
cf-request-id
03a4e8f8d70000c79534a1b200000001
css
fonts.googleapis.com/
5 KB
781 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600
Requested by
Host: pl.jolly.me
URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
76c828df931848541d008f5df340db07e1fd29788cd50f9f86198c9c452fdc9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 30 Jun 2020 02:25:42 GMT
server
ESF
date
Tue, 30 Jun 2020 03:40:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Jun 2020 03:40:33 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600
Origin
https://pl.jolly.me

Response headers

date
Tue, 09 Jun 2020 22:05:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
1748081
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Wed, 09 Jun 2021 22:05:52 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600
Origin
https://pl.jolly.me

Response headers

date
Thu, 11 Jun 2020 05:02:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:44 GMT
server
sffe
age
1636682
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
expires
Fri, 11 Jun 2021 05:02:31 GMT
mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v17/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6446b6826bb6136c8782e74d99a2ea78cc9cb508cf61f4020fee5415f108c7e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600
Origin
https://pl.jolly.me

Response headers

date
Tue, 09 Jun 2020 21:45:20 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:53 GMT
server
sffe
age
1749313
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7292
x-xss-protection
0
expires
Wed, 09 Jun 2021 21:45:20 GMT
/
www.facebook.com/tr/
44 B
147 B
Image
General
Full URL
https://www.facebook.com/tr/?id=246541269126552&ev=Microdata&dl=https%3A%2F%2Fpl.jolly.me%2Fland%2F87ec54c391372c61a528ca4a264c05ec877ec6a2%3Fclickid%3D5efab430e24857000131bcdf%26partner%3D76%26pid%3D229%26tid%3D220103055%26src%3D184858%26offer_id%3D218%26ip%3D194.99.105.99%26geo%3DPL%26sub4%3D%26sub5%3D%26device_ua%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_14_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F83.0.4103.61%2BSafari%252F537.36%26rand%3Db1aba748-b93b-4661-bff0-d3cf2bbb9b33%26time%3D1593488432%26city%3DWarsaw&rl=https%3A%2F%2Fwww.redir2me.com%2Fredirect%2Findex%3Ftype%3Dscript%26to%3DaHR0cHM6Ly93d3cucmVkaXIybWUuY29t%26data%3DaHR0cHM6Ly90b3RyY2suY29tLz9hPTIyOSZjPTQ3MTkmcD1yJnM1PTE4NDg1OCZzMj1kYXNveTVlZmFiNDJmYTAzNGQzNDA0Mjc1MjY%253D%26action%3Daction_final&if=false&ts=1593488434685&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Jolly%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.21&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1593488433180.98708406&it=1593488433010&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 03:40:34 GMT, Tue, 30 Jun 2020 03:40:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 30 Jun 2020 03:40:34 GMT

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| ym object| dataLayer object| visitIdentifiers string| resources object| cookieParams string| kismiaApiEndpointHost string| deviceSubscriberApiEndpointHost string| aggrApisDeviceSubscriberUri string| mobilePrefix boolean| request boolean| errorFirst undefined| pauth undefined| new_url undefined| query_params function| getCookie function| onVisitIdentifiersReady object| geoData function| getLocation function| get_class function| serialize function| checkIfRegGo function| is_field_empty string| autoSubChannelParam object| date number| templateEnabled string| projectLink function| parse_str object| requestParams string| cKey function| L function| _L boolean| isPlatformAdaptive string| currentAppType function| defineAppType object| pixelLogic boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS object| markerry boolean| isEmailCheckedOnServer function| inputGenderError function| inputSearchGenderError function| inputAgreementText function| checkName function| checkPass function| checkAge function| checkEmailOnClient function| checkEmailOnServer function| inputErrorText object| tracking function| formSubmit function| processUserInfo function| setCookie function| getDomainForCookies object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| uetq function| fbq function| _fbq object| PushSubscriptionManager object| gaplugins object| gaGlobal object| gaData function| XRegExp object| formData function| checkFieldAndNext function| cleanWarningSign function| checkGender function| checkNameInner function| checkAgeInner function| checkPassInner function| checkEmailOnClientInner function| checkEmailAfterAutocomplete function| checkEmailOnServerInner function| checkAgreement function| nextStep function| generateYears function| renderSelects object| pushExecuteRetry function| initPushSubscriptionPopup function| getPushGender function| getPushLanguage function| UET object| Ya object| yaCounter42561829 string| _fs_loaded function| _fs_shutdown function| doPostback

31 Cookies

Domain/Path Name / Value
.jolly.me/ Name: _ym_d
Value: 1593488433
.jolly.me/ Name: _ym_visorc_42561829
Value: b
.jolly.me/ Name: _ym_uid
Value: 1593488433527908035
.jolly.me/ Name: landing_id
Value: 37067
.jolly.me/ Name: landing
Value: 87ec54c391372c61a528ca4a264c05ec877ec6a2
.jolly.me/ Name: _uetsid
Value: 915f4056-19bd-4b2c-e6d7-a1111bffd5f4
.jolly.me/ Name: _fbp
Value: fb.1.1593488433180.98708406
.jolly.me/ Name: _gcl_au
Value: 1.1.730885987.1593488433
.jolly.me/ Name: _uetvid
Value: be7d86a3-2f5c-4a68-1159-28653e37b892
.pl.jolly.me/ Name: _gid
Value: GA1.3.913785710.1593488433
.pl.jolly.me/ Name: _gat_UA-37739046-14
Value: 1
.jolly.me/ Name: landing_user
Value: 1593488433168378457
.jolly.me/ Name: step_premium_features
Value: 1
.jolly.me/ Name: step_profile
Value: 1
.pl.jolly.me/ Name: _ga
Value: GA1.3.308043357.1593488433
.jolly.me/ Name: redirect_logged_in
Value: 1
.jolly.me/ Name: _ym_isad
Value: 2
.pl.jolly.me/ Name: _dc_gtm_UA-37739046-1
Value: 1
.jolly.me/ Name: step_photo
Value: 2
.jolly.me/ Name: etn_id
Value: 1
.jolly.me/ Name: __cfduid
Value: d4155545f7bdfc63488f9865951b636bd1593488432
.jolly.me/ Name: after_activation_url
Value: premium%2Ffeatures
.jolly.me/ Name: last_landing_visit
Value: 1593488433
.jolly.me/ Name: traffic_c
Value: 1857
.jolly.me/ Name: traffic_save_params
Value: a%3A14%3A%7Bs%3A7%3A%22clickid%22%3Bs%3A24%3A%225efab430e24857000131bcdf%22%3Bs%3A7%3A%22partner%22%3Bs%3A2%3A%2276%22%3Bs%3A3%3A%22pid%22%3Bs%3A3%3A%22229%22%3Bs%3A3%3A%22tid%22%3Bs%3A9%3A%22220103055%22%3Bs%3A3%3A%22src%22%3Bs%3A6%3A%22184858%22%3Bs%3A8%3A%22offer_id%22%3Bs%3A3%3A%22218%22%3Bs%3A2%3A%22ip%22%3Bs%3A13%3A%22194.99.105.99%22%3Bs%3A3%3A%22geo%22%3Bs%3A2%3A%22PL%22%3Bs%3A4%3A%22sub4%22%3Bs%3A0%3A%22%22%3Bs%3A4%3A%22sub5%22%3Bs%3A0%3A%22%22%3Bs%3A9%3A%22device_ua%22%3Bs%3A120%3A%22Mozilla%2F5.0%2B(Macintosh%3B%2BIntel%2BMac%2BOS%2BX%2B10_14_5)%2BAppleWebKit%2F537.36%2B(KHTML%2C%2Blike%2BGecko)%2BChrome%2F83.0.4103.61%2BSafari%2F537.36%22%3Bs%3A4%3A%22rand%22%3Bs%3A36%3A%22b1aba748-b93b-4661-bff0-d3cf2bbb9b33%22%3Bs%3A4%3A%22time%22%3Bs%3A10%3A%221593488432%22%3Bs%3A4%3A%22city%22%3Bs%3A6%3A%22Warsaw%22%3B%7D
.jolly.me/ Name: app_type
Value: desktop
.jolly.me/ Name: t_type
Value: 0
.jolly.me/ Name: traffic_d
Value: 101
.jolly.me/ Name: lang
Value: pl
.jolly.me/ Name: funnel_id
Value: 5efab430e24857000131bcdf
.jolly.me/ Name: traffic_sc
Value: 2327417

6 Console Messages

Source Level URL
Text
console-api log URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw(Line 1511)
Message:
not issues
console-api log URL: https://pl.jolly.me/land/shared/js/autodomain.js?v=1593434774521(Line 1)
Message:
autoDomainExecuteRetry
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - Duplicate Pixel ID: 246541269126552.
console-api log URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw(Line 187)
Message:
document is already ready
console-api log URL: https://pl.jolly.me/land/shared/js/autodomain.js?v=1593434774521(Line 1)
Message:
mail.ru,gmail.com,hotmail.com,yandex.ru,bk.ru,yahoo.com,rambler.ru,list.ru,inbox.ru,outlook.com,hostcalls.com,mail.com,ukr.net,hotmail.es,inbox.lv,icloud.com,outlook.es,ya.ru,gmail.ru,yahoo.es,mail.ua,yahoo.com.ar,live.com,email.ru,i.ua,yandex.ua,hotmail.com.ar,email.com,doanart.com,nauta.cu,abv.bg,yahoo.com.br,tut.by,hotmail.fr,yandex.com,doanart.com,live.com.ar,bol.com.br,yahoo.com.mx,web.de,meta.ua,bigmir.net,yahoo.fr,nauta.com.cu,orange.fr,doanart.com,gmx.de,yandex.by,gmail.com.ar,live.com.mx,sibmail.com,yopmail.com,spaces.ru,ro.ru,e1.ru,sapo.pt,outlook.fr,seznam.cz,aol.com,outlook.com.ar,yahoo.gr,lenta.ru,ya.ru,hotmail.com.br,live.fr,e-mail.ru,msn.com,rootfest.net,sfr.fr,hotmail.co.uk,qip.ru,dk.ru,hotmail.cl,mail.bg,live.cl,yahoo.co.uk,ua.fm,yahoo.de,misena.edu.co,laposte.net,hot.ee,free.fr,walla.com,mvrht.com,ig.com.br,spaces.ru,uol.com.br,hotmail.com.pe,live.com.pt,live.ru,wp.pl,narod.ru,p33.org,pochta.ru,mfil.ru,outlook.com.br,libero.it,terra.com.br,gmail.com.br,googlemail.com,one.lt,email.ua,t-online.de,inbox.lt,com.ua,hotmail.de,km.ru,ya.ru,yahoo.com.co,freemail.hu,outlook.pt,yandex.kz,tut.by,mynet.com,box.az,email.ru,hotmail.be,freenet.de,adinet.com.uy,gmx.net,walla.co.il,nauta.com,me.com,e-mail.com,dsiay.com,hotmail.ca,nm.ru,iol.pt,outlook.com.pe,comcast.net,latinmail.com,cartelera.org,yahoo.co.id,yahoo.it,bbox.fr,wanadoo.fr,email.ru,hotmail.gr,psoxs.com,hotmail.it,inbox.com,live.ca,btinternet.com,live.be,registration.moneyman.ru,disaq.com,live.co.uk,email.cz,jajxz.com,il.com,meta.ua,wimsg.com,mail.md,o2.pl,videotron.ca,yahoo.ca,yahoo.ro,oi.com.br,my.com,myrambler.ru,pisem.net,74.ru,list.com,mvrht.net,front.ru,tvnet.lv,fibertel.com.ar,hotmail.ru,hotbox.ru,bk.ry,vmani.com,online.ua,net.hr,tandem.ru,e-mail.ua,norih.com,aol.com,estudiantes.uo.edu.cu,gmx.fr,prodigy.net.mx,hotmail.com.mx,outlook.de,googlemail.com,neuf.fr,ro.ru,correo.policia.gov.co,mail.eu,icloud.ru,interia.pl,kom.ru,uclv.cu,qq.com,azet.sk,land.ru,vtr.net,arnet.com.ar,live.de,yahoo.com.ph,ploae.com,gmx.com,infomed.sld.cu,mail.by,cartelera.org,gmx.es,yahoo.com.pe,email.ru,live.fr,gmail.com.pe,reduc.edu.cu,tyt.by,vfil.ru,sibnet.ru,windowslive.com,skynet.be
console-api log URL: https://pl.jolly.me/land/87ec54c391372c61a528ca4a264c05ec877ec6a2?clickid=5efab430e24857000131bcdf&partner=76&pid=229&tid=220103055&src=184858&offer_id=218&ip=194.99.105.99&geo=PL&sub4=&sub5=&device_ua=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&rand=b1aba748-b93b-4661-bff0-d3cf2bbb9b33&time=1593488432&city=Warsaw(Line 102)
Message:
m.ya error 1: undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

30e506ef911462c6a4018cb11f05c23c.safeframe.googlesyndication.com
ad.mail.ru
adservice.google.com
adservice.google.de
api2.jolly.me
bat.bing.com
code.jquery.com
connect.facebook.net
edge.fullstory.com
fonts.googleapis.com
fonts.gstatic.com
grin23.info
mc.yandex.ru
pagead2.googlesyndication.com
pl.jolly.me
psocialx.com
rs.fullstory.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
totrck.com
tpc.googlesyndication.com
track.jolly.me
typerock.com
uf.noclef.com
v.ht
www.click4more.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.redir2me.com
104.26.11.38
172.217.23.162
172.67.74.159
18.194.201.50
2001:4de0:ac19::1:b:3a
2620:1ec:c11::200
2a00:1148:db00::17
2a00:1450:4001:800::2001
2a00:1450:4001:802::2001
2a00:1450:4001:802::200a
2a00:1450:4001:808::2003
2a00:1450:4001:818::2003
2a00:1450:4001:81d::2002
2a00:1450:4001:821::2002
2a00:1450:4001:821::2004
2a00:1450:4001:824::2008
2a00:1450:4001:824::200e
2a00:1450:400c:c07::9a
2a02:6b8::1:119
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d018:244:5200::ab
3.120.161.141
35.156.142.142
35.158.199.236
35.186.194.58
35.201.112.186
52.22.122.65
69.61.26.121
95.216.99.227
03fdc09e5d7777a8d439ae13a68395a462ed7d6b429e3fa3466558fc81705602
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05800161f7fb0d76cdc646d737c12f08a234c9928609e3fb09ab489fc43d03f3
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10648cbb7bf4705f5ab5b0e2fe90703f5e40d3673198a413017531a6523f6b49
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1957c42da275576079bb941bc07168ef88a936e9b396cee72e4853b2d7c82588
24db5a7b11d8dfe2eea04e40443ea66648a83e3c912e0943c505fd07e72a0ed6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26b107ac6d6acb301997c4626b091b90c4c51d809d865a1be2376007bc3b9bba
30621ef00f58adf18b716634957984c221af0634eddad78b7143da2551ad9ba3
4083d813327ae0e9fbcaa85f8e191506d885e80d1bc4231c863c78b72524f3f7
48f0a4298d9c0bd581f38c8b946600a26f99f69cb7658ef41ebd8a7ad2bc9d52
4a48100236e192a9045a10da91c4bc15ed2b0bb7c414bc047ccb96d95e5ec2a3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
593c1f05e96ffdf3f9ad45c29dfee1499b69f002ec93754ebf1f4cb11efca44e
5aaa33fbf1c179806d0db607e03d93aa424691008d721f09a14f498a5f9bc49f
5bef22f05e685b24da18c359c704cb8d1f852008bb3963ee17fd9eeb4a74191e
5c750db18f8b0e21942afda5f9a82c5492c64d18acd72b383e9fddf0df8145f9
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
61ec0d5390a0a7e64c7ecf01a39b80882b86c056947f69dfc8e4b58534e0b6c5
6446b6826bb6136c8782e74d99a2ea78cc9cb508cf61f4020fee5415f108c7e1
67d90e12533e82c43a1967cb518e3761974f0b3ad3e7982df47e14f716f861d3
6809eb22b5d3181c15f166b9a366338db3f0730794ec7bf746f89d77c5c82585
6be53b695cd84028a74d007237fde519cd2407f794d1d954efe725f67224ddcf
6c1f22a8c8fbd232ae3224abc3e82ff419d804b35ff4bf0fed41e396cbc69f9a
6f1dc81498da5df5cc4a4b2730c86480122e1b4a6808621b7d941aaa6e29d824
70a53f1ce1159fe06b2adacb8e4e7c4b636106df094761b64476453c0d2ce819
73d764e56e8727bfd3de86dbe1c52f5105b4d6d0c41dbf91565e719e7cd74aed
755fe103bf0ebb084ee6ac927293dd9b8c885406912ff01a2b0c93e235062df9
76c828df931848541d008f5df340db07e1fd29788cd50f9f86198c9c452fdc9f
7e7e0722aa1bc893ac05ebf09b332a9baaced5c4624fe461d2f1eff30c3b6b23
8268cdc80411273530bf4db8bbc4f455e0110cc8426ffa5ddb887319cdbc602a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84197caac7e56ecfd3dc601479871f5b45cbd17a954200e4e0517c038cd12809
8e18e41db458d1724a66a6422be5b7837e52e0b874cf1701d4fbe288d1a7a218
91af617735892cbe24eb2ebb11ea6c09bedd4bdd4a6a3f406a62204ed2b306d7
9e9b7c5d00347270b5b44c5aaa850ff2292487600a432752f860b1a4171d70fc
9f56d3adef58ed819af23b6720fc572b0097cbab63654e5b322952c13228ec02
a367069dc2ae8f19199413ab89d054a7967f41e5ed3c9fc4a3426690c7ddbb27
a3c1aaf0e2f84daf1debebc7c447c1c6af11836ef4bbcf022650cf32cf9f54e3
a88d02c9bc74c4742322edf9d772d1e5aab0bff7739c083e777caafaa131d334
abbf28285c4e2119a21d97f0740b85908b8831469f2a45813bb6fafdb258a179
b09ed8a63cb6663b22ad3f76bba54e79cb2d0ef83512e0056ae3cfac12653a38
b376ae7e0f6c8ad74018be98a515c10c5b7067e58cf016b9a6e1b71287be1735
b3b7a8b4ce56bcc2122f529742911f2a1a75857c8eef841ac42bd16087752c04
b6f7b31210a709daca9760b215660b2cbe719757df3059364beeda005fca2dbe
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
c125791959bd5b97d18c9631dbdded5ffd878eb6b79bfd5723ee86e6dcf9d01b
cb446d31662ab47a4c9bc1e9d042c5d57b0db2a1458cafbeee458a7df6c1ec44
cba58c6ea68e06188220cb09e6932d56c523ca7e1145e3de29ddae34ae68c372
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d50cbc148c52982e56f4aeb9be8be717f141e9dc14fb1efb3d592e5fda1f0e31
d9597d6b5bd950314708c5c08bb4cb0ef68b49f9893b849dbc5fd7400d706692
dfa1f3b24e09e89a63f0eb4788f89a83ee008a91d7b416eb3ada19d5b571c163
e0e705eb0cecbc0c2f19eeef713ffa491aa4779d7626c37c9ae8ab4d80a3ee4a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8bb46a85960a69cafb16bb8789e4d86385ebe53302ac1bd1c5327087513cc46
ea929ab07b7bf2a8848a25d3073bbf9b6b6c9bad34196d4f41e7ae5cbd84bc62
ec329b22425947ba4bc71f3aab51fcd65251b55e44e30e6c70eca0e92079827b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8a9a5ae0a0374f9bb5979af25c840efdcff0cc1e7fa1435327bcdaaa7d7e70
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
f38344a01905f2b8ef93b7f2f37b6db7561843c8b162b1c25427c562710ebde3
f5e8812013c22dc36dc8753740e30b07fbd62557da162a6150ae4f9526a10709
fb897d24559e94a6c56ef65791f12d8e26b240cb7e0e48e725d68440a0e68080
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955